CVE-2015-1282
Published: 23 July 2015
Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
chromium-browser Launchpad, Ubuntu, Debian |
precise |
Ignored
|
| trusty |
Released
(44.0.2403.89-0ubuntu0.14.04.1.1095)
|
|
| upstream |
Released
(44.0.2403.89)
|
|
| utopic |
Ignored
(end of life, was needed)
|
|
| vivid |
Released
(44.0.2403.89-0ubuntu0.15.04.1.1177)
|
|
| wily |
Released
(44.0.2403.89-0ubuntu1.1195)
|
|
|
Patches: upstream: https://pdfium.googlesource.com/pdfium/+/4ff7a4246c81a71b4f878e959b3ca304cd76ec8a |
||
|
oxide-qt Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
| trusty |
Does not exist
(trusty was not-affected)
|
|
| upstream |
Not vulnerable
|
|
| utopic |
Not vulnerable
|
|
| vivid |
Not vulnerable
|
|
| wily |
Not vulnerable
|
|