Lucene search

[email protected]CVE-2014-7901

HistoryNov 19, 2014 - 11:59 a.m.

CVE-2014-7901

2014-11-1911:59:00

CWE-189

[email protected]

web.nvd.nist.gov

cve

2014

7901

integer overflow

opj_t2_read_packet_data

openjpeg

pdfium

google chrome

7.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.1%

JSON

Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image.

CPENameOperatorVersion
google:chromegoogle chromele39.0.2171.45

CPE	Name	Operator	Version
google:chrome	google chrome	le	39.0.2171.45

References

googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html

www.securityfocus.com/bid/71158

www.securitytracker.com/id/1031241

code.google.com/p/chromium/issues/detail?id=413375

exchange.xforce.ibmcloud.com/vulnerabilities/98789

pdfium.googlesource.com/pdfium/+/e93d5341d87c54713a9632c8823288fa901a3b78

7.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.1%

JSON

Related for CVE-2014-7901

debiancve1 cvelist1 ubuntucve1 prion1 openvas5 archlinux1 nessus6 threatpost1 suse1 chrome1 freebsd1 gentoo1