ridsdszltdel on Nostr: Update your browser and your libvpx dependency. "Heap buffer overflow in vp8 encoding ...
Update your browser and your libvpx dependency.
"Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
"Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. Fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox Focus for Android 118.1, Firefox for Android 118.1"
https://www.tenable.com/cve/CVE-2023-5217
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
"Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
"Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. Fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox Focus for Android 118.1, Firefox for Android 118.1"
https://www.tenable.com/cve/CVE-2023-5217
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
quoting nevent1q…v7nvA new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/