V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2015-6581
DEB
High

Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in G…

CVSS
7.6
High
EPSS
0.03
p83
Published
2015-01-01
Updated
2015-01-01
Description

Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure.

Affected products
Chromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserChromium-browserOpenjpegOpenjpegOpenjpegOpenjpegOpenjpegOpenjpegOpenjpeg2Oxide-qt
CVSS vector
AV:N/AC:H/Au:N/C:C/I:C/A:C
Timeline
2015-01-01
Published
2015-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: H
High (H)
Authentication
Au: N
None (N)
Confidentiality Impact
C: C
Complete
Integrity Impact
I: C
Complete
Availability Impact
A: C
Complete
Exploit indicators
EPSS
0.027 · p83
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Chromium-browserOpenjpeg2Openjpeg
Canonical
Chromium-browserOxide-qtOpenjpeg
Google
Chrome
ProductVendorStatus
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
chromium-browserTracked
openjpegTracked
openjpegTracked
openjpegTracked
openjpegTracked
openjpegTracked
openjpegTracked
openjpeg2Tracked
oxide-qtTracked
Showing first 20 of 27
Source databases
DEB
CVE
UBU
Related vulnerabilities
BDU:2015-11331