Common Vulnerabilities and Exposures assigned an identifier CVE-2012-5127 to the following vulnerability: Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5127 [2] http://googlechromereleases.blogspot.com/2012/11/stable-channel-release-and-beta-channel.html [3] https://code.google.com/p/chromium/issues/detail?id=157079 [4] https://bugs.gentoo.org/show_bug.cgi?id=442152 [5] https://bugs.gentoo.org/show_bug.cgi?id=442096 [6] https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
Created libwebp tracking bugs for this issue Affects: fedora-all [bug 875072]
Created attachment 731108 [details] Backported patch from particular Debian bug entry