QwikSec

Security Database

CVE

CWE

Training

CVE-2015-6776

Published: Dec 6, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patch

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html

x_refsource_CONFIRM

https://codereview.chromium.org/1416783002

x_refsource_CONFIRM

openSUSE-SU-2015:2290

vendor-advisory

x_refsource_SUSE

https://code.google.com/p/chromium/issues/detail?id=457480

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_DEBIAN

https://codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfium

x_refsource_CONFIRM

openSUSE-SU-2015:2291

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.