Endpoint Vulnerability

Security Vulnerability CVE-2015-1258 for Google Chrome

Description

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data.

Affected Products

Google Chrome

References

CVE-2015-1258,