9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.041 Low
EPSS
Percentile
91.2%
The libvpx packages provide the VP8 SDK, which allows the encoding and
decoding of the VP8 video codec, commonly used with the WebM multimedia
container file format.
An integer overflow flaw, leading to arbitrary memory writes, was found in
libvpx. An attacker could create a specially-crafted video encoded using
the VP8 codec that, when played by a victim with an application using
libvpx (such as Totem), would cause the application to crash or,
potentially, execute arbitrary code. (CVE-2010-4203)
All users of libvpx are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, all applications using libvpx must be restarted for the changes to
take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390 | libvpx | <Â 0.9.0-8.el6_0 | libvpx-0.9.0-8.el6_0.s390.rpm |
RedHat | 6 | ppc64 | libvpx-debuginfo | <Â 0.9.0-8.el6_0 | libvpx-debuginfo-0.9.0-8.el6_0.ppc64.rpm |
RedHat | 6 | x86_64 | libvpx-utils | <Â 0.9.0-8.el6_0 | libvpx-utils-0.9.0-8.el6_0.x86_64.rpm |
RedHat | 6 | x86_64 | libvpx-devel | <Â 0.9.0-8.el6_0 | libvpx-devel-0.9.0-8.el6_0.x86_64.rpm |
RedHat | 6 | src | libvpx | <Â 0.9.0-8.el6_0 | libvpx-0.9.0-8.el6_0.src.rpm |
RedHat | 6 | ppc | libvpx | <Â 0.9.0-8.el6_0 | libvpx-0.9.0-8.el6_0.ppc.rpm |
RedHat | 6 | s390x | libvpx-utils | <Â 0.9.0-8.el6_0 | libvpx-utils-0.9.0-8.el6_0.s390x.rpm |
RedHat | 6 | s390 | libvpx-devel | <Â 0.9.0-8.el6_0 | libvpx-devel-0.9.0-8.el6_0.s390.rpm |
RedHat | 6 | s390 | libvpx-debuginfo | <Â 0.9.0-8.el6_0 | libvpx-debuginfo-0.9.0-8.el6_0.s390.rpm |
RedHat | 6 | ppc64 | libvpx-utils | <Â 0.9.0-8.el6_0 | libvpx-utils-0.9.0-8.el6_0.ppc64.rpm |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.041 Low
EPSS
Percentile
91.2%