Candidate: CVE-2015-1239
PublicDate: 2017-10-18 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1239
 https://bugs.chromium.org/p/chromium/issues/detail?id=430891
 https://bugs.chromium.org/p/chromium/issues/detail?id=457493
 https://gist.github.com/bittorrent3389/8fee7cdaa73d1d351ee9
Description:
 Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG
 before r2997, as used in PDFium in Google Chrome, allows remote attackers
 to cause a denial of service (process crash) via a crafted PDF.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM]
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM]


Patches_openjpeg2:
upstream_openjpeg2: released (2.1.1)
precise/esm_openjpeg2: DNE
trusty_openjpeg2: DNE
trusty/esm_openjpeg2: DNE
xenial_openjpeg2: released (2.1.2-1.1+deb9u2build0.1)

zesty_openjpeg2: not-affected
artful_openjpeg2: not-affected
bionic_openjpeg2: not-affected (2.1.1-1)
devel_openjpeg2: not-affected (2.1.1-1)