Your submission was sent successfully! Close

CVE-2016-5220

Published: 19 January 2017

PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
precise Ignored

trusty Does not exist
(trusty was released [58.0.3029.81-0ubuntu0.14.04.1172])
upstream
Released (55.0.2883.75)
xenial
Released (55.0.2883.87-0ubuntu0.16.04.1263)
yakkety
Released (55.0.2883.87-0ubuntu0.16.10.1328)
zesty
Released (55.0.2883.87-0ubuntu1)
oxide-qt
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was not-affected)
upstream Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable