cbcvebase.
CVE-2019-13706
published 2019-11-25

CVE-2019-13706: Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Affected

9 ranges
VendorProductVersion rangeFixed in
chromiumchromium>= 0 < 78.0.3904.87-178.0.3904.87-1
chromiumchromium>= 0 < 78.0.3904.87-178.0.3904.87-1
chromiumchromium>= 0 < 78.0.3904.87-178.0.3904.87-1
chromiumchromium>= 0 < 78.0.3904.87-178.0.3904.87-1
debianchromium< chromium 78.0.3904.87-1 (bookworm)chromium 78.0.3904.87-1 (bookworm)
googlechrome< 78.0.3904.7078.0.3904.70
googlechrome>= unspecified < 78.0.3904.7078.0.3904.70
googlechrome_chrome
opensusebackports_sle

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH