CVE-2015-6581

Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html
http://www.debian.org/security/2016/dsa-3665
http://www.securitytracker.com/id/1033472
https://code.google.com/p/chromium/issues/detail?id=486538
https://code.google.com/p/chromium/issues/detail?id=526825
https://code.google.com/p/openjpeg/issues/detail?id=492
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html
http://www.debian.org/security/2016/dsa-3665
http://www.securitytracker.com/id/1033472
https://code.google.com/p/chromium/issues/detail?id=486538
https://code.google.com/p/chromium/issues/detail?id=526825
https://code.google.com/p/openjpeg/issues/detail?id=492

Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:35

Type	Values Removed	Values Added
References	~~() http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html -~~	() http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html -
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html -
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html -
References	~~() http://www.debian.org/security/2016/dsa-3665 -~~	() http://www.debian.org/security/2016/dsa-3665 -
References	~~() http://www.securitytracker.com/id/1033472 -~~	() http://www.securitytracker.com/id/1033472 -
References	~~() https://code.google.com/p/chromium/issues/detail?id=486538 -~~	() https://code.google.com/p/chromium/issues/detail?id=486538 -
References	~~() https://code.google.com/p/chromium/issues/detail?id=526825 -~~	() https://code.google.com/p/chromium/issues/detail?id=526825 -
References	~~() https://code.google.com/p/openjpeg/issues/detail?id=492 -~~	() https://code.google.com/p/openjpeg/issues/detail?id=492 -

07 Nov 2023, 02:26

Type	Values Removed	Values Added
References	~~(CONFIRM) https://code.google.com/p/chromium/issues/detail?id=486538 -~~	() https://code.google.com/p/chromium/issues/detail?id=486538 -
References	~~(CONFIRM) http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html - Patch, Vendor Advisory~~	() http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html -
References	~~(DEBIAN) http://www.debian.org/security/2016/dsa-3665 -~~	() http://www.debian.org/security/2016/dsa-3665 -
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html -
References	~~(CONFIRM) https://code.google.com/p/openjpeg/issues/detail?id=492 -~~	() https://code.google.com/p/openjpeg/issues/detail?id=492 -
References	~~(SECTRACK) http://www.securitytracker.com/id/1033472 -~~	() http://www.securitytracker.com/id/1033472 -
References	~~(CONFIRM) https://code.google.com/p/chromium/issues/detail?id=526825 -~~	() https://code.google.com/p/chromium/issues/detail?id=526825 -
References	~~(FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html -

Information

Published : 2015-09-03 22:59

Updated : 2025-04-12 10:46

NVD link : CVE-2015-6581

Mitre link : CVE-2015-6581

CVE.ORG link : CVE-2015-6581

JSON object : View

Products Affected

google

chrome

CWE

NVD-CWE-Other

7.5 /10