Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1628

Опубликовано: 21 фев. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 6.3

Описание

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

РелизСтатусПримечание
devel

released

48.0.2564.116-0ubuntu1.1229
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [48.0.2564.116-0ubuntu0.14.04.1.1111]]
precise

ignored

trusty

released

48.0.2564.116-0ubuntu0.14.04.1.1111
trusty/esm

DNE

trusty was released [48.0.2564.116-0ubuntu0.14.04.1.1111]
upstream

released

48.0.2564.109
vivid

ignored

end of life, was needed
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

48.0.2564.116-0ubuntu0.15.10.1.1221

Показывать по

РелизСтатусПримечание
devel

not-affected

pdfium not used
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [pdfium not used]]
precise

DNE

trusty

not-affected

pdfium not used
trusty/esm

DNE

trusty was not-affected [pdfium not used]
upstream

needs-triage

vivid

not-affected

pdfium not used
vivid/stable-phone-overlay

not-affected

pdfium not used
vivid/ubuntu-core

DNE

wily

not-affected

pdfium not used

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%
0.00908
Низкий

6.8 Medium

CVSS2

6.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1628

redhat
почти 10 лет назад

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

nvd логотип

CVE-2016-1628

CVSS3: 6.3
nvd
почти 10 лет назад

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

debian логотип

CVE-2016-1628

CVSS3: 6.3
debian
почти 10 лет назад

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564. ...

github логотип

GHSA-84x5-p2mg-fvmp

CVSS3: 6.3
github
больше 3 лет назад

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

fstec логотип

BDU:2016-00529

fstec
почти 10 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 75%
0.00908
Низкий

6.8 Medium

CVSS2

6.3 Medium

CVSS3