The Mozilla Project reports:
Security researcher Abhishek Arya (Inferno) of the Google
Chrome Security Team used the Address Sanitizer tool to
discover two buffer overflow issues in the Libvpx library
used for WebM video when decoding a malformed WebM video
file. These buffer overflows result in potentially
exploitable crashes.