CVE-2010-4489

Publication date 7 December 2010

Last updated 24 July 2024

Ubuntu priority

libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
chromium-browser	10.10 maverick	Ignored end of life
	10.04 LTS lucid	Ignored end of life
	9.10 karmic	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release
libvpx	10.10 maverick	Fixed 0.9.5-2~build0.10.10.1
	10.04 LTS lucid	Fixed 0.9.5-2~build0.10.04.1
	9.10 karmic	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libvpx	Upstream: http://review.webmproject.org/#change,1098

CVE-2010-4489

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references