CVE-2011-0480

Name of the Vulnerable Software and Affected Versions FFmpeg versions used in Google Chrome before 8.0.552.237 Google Chrome before 8.0.552.237 Chrome OS before 8.0.552.344

Description The issue is related to multiple buffer overflows in the Vorbis decoder, specifically in the vorbis dec.c file. This can be exploited by remote attackers using a crafted WebM file, potentially leading to a denial of service through memory corruption and application crash. The buffer overflows are related to buffers for the channel floor and the channel residue.

Recommendations For Google Chrome before 8.0.552.237, update to version 8.0.552.237 or later to resolve the issue. For Chrome OS before 8.0.552.344, update to version 8.0.552.344 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted WebM files until the issue is resolved.