PT-2015-2395

Tom Sepez · Published 2015-10-15 · Updated 2024-06-15 · CVE-2015-6756

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Google Chrome versions prior to 46.0.2490.71
PDFium (affected versions not specified)
Opera (affected versions not specified)

Description

The issue is a use-after-free vulnerability in the CPDFSDK_PageView implementation in PDFium. Remote attackers can trigger it with a specially crafted PDF file, leading to a denial of service through heap memory corruption or possibly other unspecified impact. The vulnerability is caused by the mishandling of a focused annotation in a PDF document.

Recommendations

Google Chrome versions prior to 46.0.2490.71: update to version 46.0.2490.71 or later to resolve the issue.
PDFium: at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Opera: at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

ALT-PU-2015-1899
BDU:2015-11760
CVE-2015-6756
DSA-3376-1
MGASA-2015-0410
OPENSUSE-SU-2024:10171-1
OPENSUSE-SU-2024:12948-1
RHSA-2015:1912
RHSA-2015_1912

Affected Products

Alt Linux
Google Chrome
Opera
Pdfium
Red Hat