PT-2016-4586 · Google+1 · Google Chrome+2

Kdot

Publicado

2016-05-25

Atualizado

2019-01-16

CVE-2016-10403

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 51.0.2704.63

Description The issue is related to insufficient data validation on image data in PDFium, allowing a remote attacker to perform an out of bounds memory read via a crafted PDF file. This can lead to information disclosure.

Recommendations For versions prior to 51.0.2704.63, update to version 51.0.2704.63 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PDFium for handling PDF files until the update is applied.

Exploit

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALT-PU-2016-2194

CVE-2016-10403

DSA-3590-1

ZDI-16-700

Produtos afetados

Alt Linux

Google Chrome

Pdfium

PT-2016-4586 · Google+1 · Google Chrome+2

CVE-2016-10403

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6