Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3189

Опубликовано: 08 окт. 2014
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 38.0.2125.7 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 74%
0.00832
Низкий

7.5 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2014-3189

ubuntu
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

redhat логотип

CVE-2014-3189

redhat
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

debian логотип

CVE-2014-3189

debian
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium ...

github логотип

GHSA-x5x9-qv4j-r93j

github
больше 3 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

EPSS

Процентиль: 74%
0.00832
Низкий

7.5 High

CVSS2

Дефекты

CWE-264