CVE-2014-7945
published 2015-01-22CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a…
PriorityP422medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.76%
75.2th percentile
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome | <= 40.0.2214.85 | — | |
| the_openjpeg_project | openjpeg2 | >= 0 < 2.1.2-1.1+deb9u2build0.1 | 2.1.2-1.1+deb9u2build0.1 |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pw5j-466g-x8qc: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40
ghsa_unreviewed·2022-05-17
CVE-2014-7945 [MEDIUM] CWE-119 GHSA-pw5j-466g-x8qc: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
OSV
CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40
osv·2015-01-22·CVSS 5.0
CVE-2014-7945 [MEDIUM] CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
Red Hat
chromium-browser: out-of-bounds read in PDFium
vendor_redhat·2015-01-21·CVSS 5.0
CVE-2014-7945 [MEDIUM] CWE-125 chromium-browser: out-of-bounds read in PDFium
chromium-browser: out-of-bounds read in PDFium
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
No detection rules found.
No public exploits indexed.
http://googlechromereleases.blogspot.com/2015/01/stable-update.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0093.htmlhttp://secunia.com/advisories/62383http://secunia.com/advisories/62665http://security.gentoo.org/glsa/glsa-201502-13.xmlhttp://www.securityfocus.com/bid/72288http://www.securitytracker.com/id/1031623https://code.google.com/p/chromium/issues/detail?id=414310https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcchttp://googlechromereleases.blogspot.com/2015/01/stable-update.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0093.htmlhttp://secunia.com/advisories/62383http://secunia.com/advisories/62665http://security.gentoo.org/glsa/glsa-201502-13.xmlhttp://www.securityfocus.com/bid/72288http://www.securitytracker.com/id/1031623https://code.google.com/p/chromium/issues/detail?id=414310https://pdfium.googlesource.com/pdfium/+/767aebbef641a89498deebc29369a078207b4dcc
2015-01-22
Published