CVE-2014-7900Google Chrome vulnerability

CWE-3993 documents3 sources
Severity
7.5HIGHNVD
EPSS
1.4%
top 19.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedNov 19
Latest updateMay 17

Description

Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome39.0.2171.45

🔴Vulnerability Details

2
GHSA
GHSA-4g2c-w6c3-7ghw: Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser2022-05-17
OSV
CVE-2014-7900: Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser2014-11-19