CVE-2014-3157
Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0288 (2.9%)
Percentile: 86.4%
EPSS: 2026-05-06
Affects
google:chromeTechnical description
Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library.
Published: 6/11/2014, 10:57:18 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html
- http://secunia.com/advisories/58585
- http://secunia.com/advisories/59090
- http://secunia.com/advisories/60061
- http://secunia.com/advisories/60372
- http://security.gentoo.org/glsa/glsa-201408-16.xml
- http://www.debian.org/security/2014/dsa-2959
- http://www.securityfocus.com/bid/67972