Описание
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 53.0.2785.143-0ubuntu1.1307 |
| bionic | released | 53.0.2785.143-0ubuntu1.1307 |
| cosmic | released | 53.0.2785.143-0ubuntu1.1307 |
| devel | released | 53.0.2785.143-0ubuntu1.1307 |
| disco | released | 53.0.2785.143-0ubuntu1.1307 |
| eoan | released | 53.0.2785.143-0ubuntu1.1307 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [53.0.2785.143-0ubuntu0.14.04.1.1142]] |
| precise | ignored | |
| precise/esm | DNE | precise was ignored |
| trusty | released | 53.0.2785.143-0ubuntu0.14.04.1.1142 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.2.0-1 |
| cosmic | not-affected | 2.2.0-1 |
| devel | not-affected | 2.2.0-1 |
| disco | not-affected | 2.2.0-1 |
| eoan | not-affected | 2.2.0-1 |
| esm-apps/bionic | not-affected | 2.2.0-1 |
| esm-apps/xenial | released | 2.1.2-1.1+deb9u2build0.1 |
| esm-infra-legacy/trusty | DNE | |
| precise | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/xenial | not-affected | |
| precise | DNE | |
| precise/esm | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Ch ...
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3