{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2010-12-07T21:00:09Z",
  "id": "CVE-2010-4489",
  "details": "libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video.  NOTE: this vulnerability exists because of a regression.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/42472"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/43728"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.ubuntu.com/usn/USN-1087-1"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.vupen.com/english/advisories/2011/0662"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=61653"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919"
    }
  ]
}