Endpoint Vulnerability

Buffer overflow in libvpx while parsing vp9 format video

Description

Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file. This leads to a potentially exploitable crash due to a flaw in the libvpx library.

Affected Products

Thunderbird

References

CVE-2015-4506,