1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
Candidate: CVE-2016-1619
PublicDate: 2016-01-25
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1619
http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
Description:
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb
functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in
Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial
of service (out-of-bounds read) or possibly have unspecified other impact
via a crafted PDF document.
Ubuntu-Description:
Out-of-bounds read in PDFium.
Notes:
Bugs:
Priority: medium
Discovered-by: Keve Nagy
Assigned-to:
Patches_chromium-browser:
upstream_chromium-browser: released (48.0.2564.82)
precise_chromium-browser: ignored
trusty_chromium-browser: released (48.0.2564.82-0ubuntu0.14.04.1.1108)
vivid_chromium-browser: released (48.0.2564.82-0ubuntu0.15.04.1.1193)
vivid/stable-phone-overlay_chromium-browser: DNE
vivid/ubuntu-core_chromium-browser: DNE
wily_chromium-browser: released (48.0.2564.82-0ubuntu0.15.10.1.1219)
devel_chromium-browser: released (48.0.2564.82-0ubuntu1.1222)
Patches_oxide-qt:
upstream_oxide-qt: not-affected
precise_oxide-qt: DNE
trusty_oxide-qt: not-affected
vivid_oxide-qt: not-affected
vivid/stable-phone-overlay_oxide-qt: not-affected
vivid/ubuntu-core_oxide-qt: DNE
wily_oxide-qt: not-affected
devel_oxide-qt: not-affected
|