CVE-2015-1239 — Vulnetix

Try Vulnetix Request Demo

CVE-2015-1239 PUBLISHED

Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.

EPSS 0.83% · 74.4th percentile

Risk Scores

EPSS Score

0.83%

74.4th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	openjpeg2	0, 2.1.0-2.1, 2.1.0-2.1ubuntu0.1

Timeline

Oct 18, 2017 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2015-1239 third-party-advisory
https://bugs.chromium.org/p/chromium/issues/detail?id=430891 third-party-advisory
https://bugs.chromium.org/p/chromium/issues/detail?id=457493 third-party-advisory
https://gist.github.com/bittorrent3389/8fee7cdaa73d1d351ee9 third-party-advisory
https://github.com/uclouvain/openjpeg/commit/28c6f547987e8cbe5ccaef622da4cf6667068989 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2015-1239 third-party-advisory

Open in Interactive Console →