Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.