Lucene search

[email protected]CVE-2015-6581

HistorySep 03, 2015 - 10:59 p.m.

CVE-2015-6581

2015-09-0322:59:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

openjpeg

vulnerability

remote code execution

denial of service

memory corruption

cve-2015-6581

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.2%

JSON

Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure.

CPENameOperatorVersion
google:chromegoogle chromele44.0.2403

CPE	Name	Operator	Version
google:chrome	google chrome	le	44.0.2403

References

googlechromereleases.blogspot.com/2015/09/stable-channel-update.html

lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html

lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html

www.debian.org/security/2016/dsa-3665

www.securitytracker.com/id/1033472

code.google.com/p/chromium/issues/detail?id=486538

code.google.com/p/chromium/issues/detail?id=526825

code.google.com/p/openjpeg/issues/detail?id=492

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2015-6581

mageia1 ubuntucve1 debiancve1 openvas8 fedora3 nessus5 prion1 debian1 kaspersky1