Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3189

Опубликовано: 07 окт. 2014
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1151368chromium: OOB reads in PDFium fixed in Chrome 38.0.2125.101

EPSS

Процентиль: 74%
0.00832
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3189

ubuntu
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

nvd логотип

CVE-2014-3189

nvd
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

debian логотип

CVE-2014-3189

debian
больше 11 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium ...

github логотип

GHSA-x5x9-qv4j-r93j

github
больше 3 лет назад

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.

EPSS

Процентиль: 74%
0.00832
Низкий

6.8 Medium

CVSS2