Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome prior to 49.0.2623.87, allow remote malicious users to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
debian debian linux 8.0 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
opensuse suse linux enterprise server 12.0 |