FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libvpx -- buffer overflow in vp9_init_context_buffers

Affected packages
libvpx <


VuXML ID 6ca7eddd-d436-486a-b169-b948436bcf14
Discovery 2015-09-22
Entry 2015-11-10

The Mozilla Project reports:

Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file. This leads to a potentially exploitable crash due to a flaw in the libvpx library.


CVE Name CVE-2015-4506