Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome PDFium OpenJPEG 拒绝服务漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。PDFium是其中的一个开源PDF渲染引擎。OpenJPEG是一款基于C语言的开源JPEG 2000编码解码器。 Google Chrome 48.0.2564.109之前版本的PDFium中使用的OpenJPEG的pi.c文件中的‘opj_pi_update_decode_poc’函数存在安全漏洞,该漏洞源于程序没有正确处理层索引值。远程攻击者可借助特制的PDF文档利用该漏洞造成拒绝服务(越边界读取)。
CVSS Information
N/A
Vulnerability Type
N/A