The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2015-12-06T01:00:00
Updated: 2024-08-06T08:20:42.385Z
Reserved: 2015-12-05T00:00:00
Link: CVE-2015-8480
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-12-06T01:59:27.720
Modified: 2023-11-07T02:28:25.720
Link: CVE-2015-8480
Redhat