Lucene search

ChromeCVE-2015-1273

HistoryJul 23, 2015 - 12:59 a.m.

CVE-2015-1273

2015-07-2300:59:03

CWE-119

Chrome

web.nvd.nist.gov

cve-2015-1273

openjpeg

heap-based buffer overflow

j2k.c

pdfium

google chrome

denial of service

nvd

vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9.7

Confidence

High

EPSS

0.019

Percentile

88.7%

JSON

Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document.

Affected configurations

Nvd

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

Node

redhatenterprise_linux_desktop_supplementaryMatch6.0

redhatenterprise_linux_server_supplementaryMatch6.0

redhatenterprise_linux_server_supplementary_eusMatch6.7z

redhatenterprise_linux_workstation_supplementaryMatch6.0

Node

googlechromeRange≤43.0.2357.134

Node

debiandebian_linuxMatch8.0

VendorProductVersionCPE
opensuseopensuse13.1cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuseopensuse13.2cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
redhatenterprise_linux_desktop_supplementary6.0cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
redhatenterprise_linux_server_supplementary6.0cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
redhatenterprise_linux_server_supplementary_eus6.7zcpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*
redhatenterprise_linux_workstation_supplementary6.0cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
opensuse	opensuse	13.1	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
opensuse	opensuse	13.2	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
redhat	enterprise_linux_desktop_supplementary	6.0	cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:::::::*
redhat	enterprise_linux_server_supplementary	6.0	cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:::::::*
redhat	enterprise_linux_server_supplementary_eus	6.7z	cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:::::::*
redhat	enterprise_linux_workstation_supplementary	6.0	cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:::::::*
google	chrome	*	cpe:2.3:a:google:chrome::::::::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*