CVE-2015-1239

Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
References
Link Resource
https://bugs.chromium.org/p/chromium/issues/detail?id=457493 Issue Tracking Patch Third Party Advisory
https://bugs.chromium.org/p/chromium/issues/detail?id=430891 Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:uclouvain:openjpeg:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:google:pdfium:-:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

History

09 Nov 2021, 20:09

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:uclouvain:openjpeg:-:*:*:*:*:*:*:*
References (CONFIRM) https://bugs.chromium.org/p/chromium/issues/detail?id=457493 - Issue Tracking, Third Party Advisory (CONFIRM) https://bugs.chromium.org/p/chromium/issues/detail?id=457493 - Issue Tracking, Patch, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html - (MLIST) https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html - Mailing List, Third Party Advisory

Information

Published : 2017-10-18 17:29

Updated : 2021-11-09 20:09


NVD link : CVE-2015-1239

Mitre link : CVE-2015-1239


JSON object : View

Products Affected

uclouvain

  • openjpeg

debian

  • debian_linux

google

  • pdfium
  • chrome
CWE
CWE-415

Double Free