7.5
CVSSv2

CVE-2014-7903

Published: 19/11/2014 Updated: 08/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome prior to 39.0.2171.65, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image.

Affected Products

Vendor Product Versions
GoogleChrome39.0.2171.45

Recent Articles

Google Removes SSLv3 Fallback Support From Chrome
Threatpost • Dennis Fisher • 18 Nov 2014

Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3, the component that was the target of the POODLE attack revealed last month.
When the POODLE attack was disclosed by several Google researchers in October, the company said that it had added a change to Chrome that would disable SSLv3 fallback. The technique involves an attacker to force a server to fall back from a modern version of SSL/TLS to the older SSLv3 and then decrypt ...