Denial of Service Vulnerability in Google Chrome's libvpx Code
CVE-2015-1258 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.
Learn more about our Cis Benchmark Audit For Google Chrome.