Lucene search

[email protected]CVE-2014-7903

HistoryNov 19, 2014 - 11:59 a.m.

CVE-2014-7903

2014-11-1911:59:04

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-7903

openjpeg

pdfium

google chrome

buffer overflow

denial of service

vulnerability

cybersecurity

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image.

Affected configurations

NVD

Node

googlechromeRange≤39.0.2171.45

CPENameOperatorVersion
google:chromegoogle chromele39.0.2171.45

CPE	Name	Operator	Version
google:chrome	google chrome	le	39.0.2171.45

References

googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html

www.securityfocus.com/bid/71164

www.securitytracker.com/id/1031241

code.google.com/p/chromium/issues/detail?id=414525

exchange.xforce.ibmcloud.com/vulnerabilities/98791

pdfium.googlesource.com/pdfium/+/4dc95e74e1acc75f4eab08bc771874cd2a9c3a9b

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2014-7903

ubuntucve1 cvelist1 debiancve1 prion1 nvd1 openvas5 archlinux1 threatpost1 nessus6 freebsd1 suse1 chrome1 gentoo1