2013-02-23 22:55:02 2018-10-30 17:27:33

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
opus-codec Opus 1.0.1 opus-codec Opus 1.0.0 Google Chrome 25.0.1364.98 Google Chrome 25.0.1364.95 Google Chrome 25.0.1364.93 Google Chrome 25.0.1364.92 Google Chrome 25.0.1364.91 Google Chrome 25.0.1364.90 Google Chrome 25.0.1364.89 Google Chrome 25.0.1364.88 Google Chrome 25.0.1364.87 Google Chrome 25.0.1364.86 Google Chrome 25.0.1364.85 Google Chrome 25.0.1364.84 Google Chrome 25.0.1364.82 Google Chrome 25.0.1364.81 Google Chrome 25.0.1364.80 Google Chrome 25.0.1364.79 Google Chrome 25.0.1364.78 Google Chrome 25.0.1364.77 Google Chrome 25.0.1364.76 Google Chrome 25.0.1364.75 Google Chrome 25.0.1364.74 Google Chrome 25.0.1364.73 Google Chrome 25.0.1364.72 Google Chrome 25.0.1364.70 Google Chrome 25.0.1364.68 Google Chrome 25.0.1364.67 Google Chrome 25.0.1364.66 Google Chrome 25.0.1364.65 Google Chrome 25.0.1364.63 Google Chrome 25.0.1364.62 Google Chrome 25.0.1364.61 Google Chrome 25.0.1364.58 Google Chrome 25.0.1364.57 Google Chrome 25.0.1364.56 Google Chrome 25.0.1364.55 Google Chrome 25.0.1364.54 Google Chrome 25.0.1364.53 Google Chrome 25.0.1364.52 Google Chrome 25.0.1364.51 Google Chrome 25.0.1364.50 Google Chrome 25.0.1364.49 Google Chrome 25.0.1364.48 Google Chrome 25.0.1364.47 Google Chrome 25.0.1364.46 Google Chrome 25.0.1364.45 Google Chrome 25.0.1364.44 Google Chrome 25.0.1364.43 Google Chrome 25.0.1364.42 Google Chrome 25.0.1364.41 Google Chrome 25.0.1364.40 Google Chrome 25.0.1364.39 Google Chrome 25.0.1364.38 Google Chrome 25.0.1364.37 Google Chrome 25.0.1364.36 Google Chrome 25.0.1364.35 Google Chrome 25.0.1364.34 Google Chrome 25.0.1364.33 Google Chrome 25.0.1364.32 Google Chrome 25.0.1364.31 Google Chrome 25.0.1364.30 Google Chrome 25.0.1364.29 Google Chrome 25.0.1364.28 Google Chrome 25.0.1364.27 Google Chrome 25.0.1364.26 Google Chrome 25.0.1364.25 Google Chrome 25.0.1364.24 Google Chrome 25.0.1364.23 Google Chrome 25.0.1364.22 Google Chrome 25.0.1364.21 Google Chrome 25.0.1364.20 Google Chrome 25.0.1364.19 Google Chrome 25.0.1364.18 Google Chrome 25.0.1364.17 Google Chrome 25.0.1364.16 Google Chrome 25.0.1364.15 Google Chrome 25.0.1364.14 Google Chrome 25.0.1364.13 Google Chrome 25.0.1364.12 Google Chrome 25.0.1364.11 Google Chrome 25.0.1364.10 Google Chrome 25.0.1364.9 Google Chrome 25.0.1364.8 Google Chrome 25.0.1364.7 Google Chrome 25.0.1364.5 Google Chrome 25.0.1364.3 Google Chrome 25.0.1364.2 Google Chrome 25.0.1364.1 Google Chrome 25.0.1364.0