PT-2017-6480 · Google+2 · Google Chrome+3

Published: 2017-10-18 · Updated: 2023-12-29 · CVE-2015-1239

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

OpenJPEG versions before r2997
PDFium in Google Chrome (affected versions not specified)

Description

The issue is related to a double free vulnerability in the j2k_read_ppm_v3 function. This vulnerability allows remote attackers to cause a denial of service, resulting in a process crash, by providing a crafted PDF.

Recommendations

For OpenJPEG versions before r2997, update to version r2997 or later to resolve the issue. For PDFium in Google Chrome, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Double Free

Weakness Enumeration

Related Identifiers

CVE-2015-1239
DLA-1433-1
DLA-1851-1
OPENSUSE-SU-2018_1381-1
SUSE-SU-2018:1364-1
SUSE-SU-2018_1364-1

Affected Products

Google Chrome
Openjpeg
Pdfium
Suse