libvpx: buffer-overflow vulnerability

Users of libvpx please be advised of a buffer-overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

USN-1015-1: [USN-1015-1] libvpx buffer-overflow vulnerability
Details follow:

Christoph Diehl discovered that libvpx did not properly perform bounds

checking. If an application using libvpx opened a specially crafted

WebM file, an attacker could cause a denial of service or possibly execute

code as the user invoking the program.
Read more at http://www.criticalwatch.com

 

Advertisements