← voltar
CVE-2014-3198

CVE-2014-3198

EPSS 1.3%
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1626.htmlhttps://codereview.chromium.org/560133004https://crbug.com/415307http://www.securityfocus.com/bid/70273