Debian Libvpx vulnerabilities

CVE-2015-4485 [CRITICAL] CVE-2015-4485: libvpx - Heap-based buffer overflow in the resize_context_buffers function in libvpx in M... Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data. Scope: local bookworm: resolved (fixed in 1.4.0-1) bullseye: resolved (fixed in 1.4.0-1) forky: resolved (fixed in 1.4.0-1) sid: resolved (fixed i

CVE-2015-4506 [MEDIUM] CVE-2015-4506: libvpx - Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in M... Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file. Scope: local bookworm: resolved (fixed in 1.4.0-4) bullseye: resolved (fixed in 1.4.0-4) forky: resolved (fixed in 1.4.0-4) sid: resolved (fixed in 1.4.0-

CVE-2015-1258 [HIGH] CVE-2015-1258: libvpx - Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with ... Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data. Scope: local bookworm: resolved (fixed in 1.4.0-4)

CVE-2014-1578 [HIGH] CVE-2014-1578: libvpx - The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31... The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback. Scope:

CVE-2012-0823 [MEDIUM] CVE-2012-0823: libvpx - VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a... VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers an out-of-bounds read, related to "the clamping of motion vectors in SPLITMV blocks". Scope: local bookworm: resolved (fixed in 1.0.0-1) bullseye: resolv

CVE-2010-4203 [CRITICAL] CVE-2010-4203: libvpx - WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome befor... WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. Scope: local bookworm: resolved (fixed in 0.9.1-2) bullseye: resolved (fixed in 0.9.1-2) forky: resolved (fixed in 0.9.1-2) sid: resolved (fixed

CVE-2010-4489 [MEDIUM] CVE-2010-4489: libvpx - libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products,... libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression. Scope: local bookworm: resolved (fixed in 0.9.5-1) bullseye: resolved (fixed in 0.9.5-1) forky: resolved (fixed in 0.9.5-1) sid: re