QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1613

Published: Jan 25, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

https://pdfium.googlesource.com/pdfium/+/dcac57bc8b64fdc870d79d11a498ae7021cf8ae7

x_refsource_CONFIRM

https://code.google.com/p/chromium/issues/detail?id=572871

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2016:0249

vendor-advisory

x_refsource_SUSE

https://codereview.chromium.org/1564773003

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2016:0271

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2016:0250

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.