CVE-2014-7947
Published: 22 January 2015
OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.
Notes
Author | Note |
---|---|
mdeslaur | incomplete fix, see CVE-2016-4797 |
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
artful |
Released
(40.0.2214.94-0ubuntu1.1120)
|
bionic |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
cosmic |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
disco |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
eoan |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
focal |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
groovy |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
hirsute |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
impish |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
jammy |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
kinetic |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
mantic |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
precise |
Ignored
|
|
trusty |
Released
(40.0.2214.94-0ubuntu0.14.04.1.1068)
|
|
upstream |
Released
(40.0.2214.91)
|
|
utopic |
Released
(40.0.2214.94-0ubuntu0.14.10.1.1110)
|
|
vivid |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
wily |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
xenial |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
yakkety |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
zesty |
Released
(40.0.2214.94-0ubuntu1.1120)
|
|
gdcm Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(uses system openjpeg)
|
bionic |
Not vulnerable
(uses system openjpeg)
|
|
cosmic |
Not vulnerable
(uses system openjpeg)
|
|
disco |
Not vulnerable
(uses system openjpeg)
|
|
eoan |
Not vulnerable
(uses system openjpeg)
|
|
focal |
Not vulnerable
(uses system openjpeg)
|
|
groovy |
Not vulnerable
(uses system openjpeg)
|
|
hirsute |
Not vulnerable
(uses system openjpeg)
|
|
impish |
Not vulnerable
(uses system openjpeg)
|
|
jammy |
Not vulnerable
(uses system openjpeg)
|
|
kinetic |
Not vulnerable
(uses system openjpeg)
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Not vulnerable
(uses system openjpeg)
|
|
mantic |
Not vulnerable
(uses system openjpeg)
|
|
precise |
Not vulnerable
(uses system openjpeg)
|
|
trusty |
Not vulnerable
(uses system openjpeg)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Not vulnerable
(uses system openjpeg)
|
|
xenial |
Not vulnerable
(uses system openjpeg)
|
|
yakkety |
Not vulnerable
(uses system openjpeg)
|
|
zesty |
Not vulnerable
(uses system openjpeg)
|
|
insighttoolkit4 Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
bionic |
Not vulnerable
|
|
cosmic |
Not vulnerable
|
|
disco |
Not vulnerable
|
|
eoan |
Not vulnerable
|
|
focal |
Not vulnerable
|
|
groovy |
Not vulnerable
|
|
hirsute |
Not vulnerable
|
|
impish |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
kinetic |
Not vulnerable
|
|
lucid |
Does not exist
|
|
lunar |
Not vulnerable
|
|
mantic |
Does not exist
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Does not exist
|
|
xenial |
Not vulnerable
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
openjpeg Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
eoan |
Does not exist
|
|
focal |
Does not exist
|
|
groovy |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Not vulnerable
(code not present)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Does not exist
|
|
openjpeg2 Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
bionic |
Not vulnerable
(2.1.1-1)
|
|
cosmic |
Not vulnerable
(2.1.1-1)
|
|
disco |
Not vulnerable
(2.1.1-1)
|
|
eoan |
Not vulnerable
(2.1.1-1)
|
|
focal |
Not vulnerable
(2.1.1-1)
|
|
groovy |
Not vulnerable
(2.1.1-1)
|
|
hirsute |
Not vulnerable
(2.1.1-1)
|
|
impish |
Not vulnerable
(2.1.1-1)
|
|
jammy |
Not vulnerable
(2.1.1-1)
|
|
kinetic |
Not vulnerable
(2.1.1-1)
|
|
lucid |
Does not exist
|
|
lunar |
Not vulnerable
(2.1.1-1)
|
|
mantic |
Not vulnerable
(2.1.1-1)
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.1.1)
|
|
utopic |
Does not exist
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Released
(2.1.2-1.1+deb9u2build0.1)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
oxide-qt Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
eoan |
Does not exist
|
|
focal |
Does not exist
|
|
groovy |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lucid |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
upstream |
Not vulnerable
|
|
utopic |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
yakkety |
Not vulnerable
|
|
zesty |
Not vulnerable
|
|
vxl Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
eoan |
Does not exist
|
|
focal |
Does not exist
|
|
groovy |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Needed
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|