Lucene search
+L

285 matches found

NVD
NVD
added 2015/12/06 1:59 a.m.18 views

CVE-2015-6779

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL...

4.3CVSS9AI score0.02025EPSS
Exploits0References9
OSV
OSV
added 2015/12/06 1:59 a.m.4 views

UBUNTU-CVE-2015-6779

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL...

4.3CVSS7.2AI score0.02025EPSS
Exploits0References3
Prion
Prion
added 2015/10/15 10:59 a.m.13 views

Code injection

The CPDFDocument::GetPage function in fpdfapi/fpdfparser/fpdfparserdocument.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...

6.8CVSS7.6AI score0.01433EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2015/10/15 10:59 a.m.21 views

CVE-2015-6758

The CPDFDocument::GetPage function in fpdfapi/fpdfparser/fpdfparserdocument.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...

6.8CVSS7.3AI score0.01433EPSS
Exploits0References4
CVE
CVE
added 2015/10/15 10:0 a.m.84 views

CVE-2015-6758

The CVE-2015-6758 entry concerns PDFium in Google Chrome/Chromium. The issue is a bad-cast in CPDF_Document::GetPage within fpdfapi/fpdf_parser/fpdf_parser_document.cpp, exploited via a crafted PDF, enabling a denial of service and possibly other impact. Public details consistently tie this to PD...

6.8CVSS9.4AI score0.01433EPSS
Exploits0References8Affected Software1
Mageia
Mageia
added 2015/07/27 5:45 p.m.45 views

Updated chromium-browser package fixes security vulnerabilities

Chromium-browser 44.0.2403.107 fixes several security issues: PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...

9.8CVSS10.4AI score0.03615EPSS
Exploits2References3
NVD
NVD
added 2015/07/23 12:59 a.m.15 views

CVE-2015-1271

PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted PDF document that triggers a large memory...

6.8CVSS9.7AI score0.01855EPSS
Exploits0References9
Prion
Prion
added 2015/07/23 12:59 a.m.18 views

Heap overflow

PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted PDF document that triggers a large memory...

6.8CVSS7.7AI score0.01855EPSS
Exploits0References9Affected Software7
Prion
Prion
added 2015/07/23 12:59 a.m.14 views

Design/Logic Flaw

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the 1 Document::delay and 2...

6.8CVSS7.9AI score0.0158EPSS
Exploits0References9Affected Software7
UbuntuCve
UbuntuCve
added 2015/07/23 12:59 a.m.27 views

CVE-2015-1282

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the 1 Document::delay and 2...

6.8CVSS7.3AI score0.0158EPSS
Exploits0References2
Prion
Prion
added 2015/01/30 11:59 a.m.22 views

Integer overflow

Integer overflow in CoreGraphics in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF document...

6.8CVSS8.2AI score0.0566EPSS
Exploits0References7Affected Software3
Prion
Prion
added 2015/01/30 11:59 a.m.28 views

Out-of-bounds

CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted PDF document...

9.3CVSS7.8AI score0.04051EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2015/01/27 8:4 p.m.27 views

Buffer overflow

Multiple off-by-one errors in fpdfapi/fpdffont/fontint.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, ...

6.8CVSS7.1AI score0.01811EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2015/01/27 8:4 p.m.16 views

CVE-2015-1359

Multiple off-by-one errors in fpdfapi/fpdffont/fontint.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, ...

6.8CVSS7.3AI score0.01508EPSS
Exploits0References5
Prion
Prion
added 2015/01/27 8:0 p.m.23 views

Design/Logic Flaw

Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdkmgr.cpp, a different vulnerabili...

6.8CVSS7.2AI score0.01811EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2015/01/27 8:0 p.m.22 views

CVE-2014-9647

Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdkmgr.cpp, a different vulnerabili...

6.8CVSS7.3AI score0.01149EPSS
Exploits0References5
OSV
OSV
added 2015/01/27 8:0 p.m.1 views

UBUNTU-CVE-2014-9647

Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdkmgr.cpp, a different vulnerabili...

6.8CVSS5.9AI score0.01149EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2015/01/27 11:0 a.m.47 views

CVE-2015-1359

Removed by vendor...

6.8CVSS9.3AI score0.01508EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/01/22 10:59 p.m.37 views

CVE-2014-7945

OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document, related to j2k.c, jp2.c, and t2.c...

5CVSS7.2AI score0.01762EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/01/22 10:59 p.m.30 views

CVE-2014-7944

The sycc422torgb function in fxcodec/codec/fxcodecjpxopj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...

5CVSS7.2AI score0.01903EPSS
Exploits0References4
Rows per page
Query Builder