Security Advisory

CVE-2015-1224

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-03-09 00:00:00

Last updated 2024-08-06 04:33:20

Assigner Chrome

State PUBLISHED

Description

The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data.

← Browse all CVEs View on cve.org ↗