New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 162776 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Email to this user bounced
Closed: Dec 2012
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug-Security



Sign in to add a comment

PDF: out-of-bounds reads with crazy bits per component / num components values

Reported by scarybea...@gmail.com, Nov 27 2012

Issue description

Credit: Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.

Repros attached.
 
3751.pdf.asan.a.4939
393 KB Download
43.pdf.asan.54.5922
714 KB Download
Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify Merge-Approved
Status: FixUnreleased
PDF r2019
Labels: -Mstone-23 -Merge-Approved Mstone-24 Merge-Merged
M24: r2042
Labels: Release-0

Comment 4 by jsc...@chromium.org, Dec 20 2012

Status: Fixed
Labels: CVE-2012-5157
Project Member

Comment 6 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Type-Security -Feature-PDF -SecSeverity-Medium -SecImpacts-Stable -SecImpacts-Beta -Mstone-24 Cr-Content-Plugins-PDF Security-Impact-Beta Security-Severity-Medium M-24 Security-Impact-Stable Type-Bug-Security
Project Member

Comment 7 by bugdroid1@chromium.org, Mar 11 2013

Labels: -Area-Undefined
Labels: -Restrict-View-SecurityNotify
Project Member

Comment 9 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Impact-Stable Security_Impact-Stable
Project Member

Comment 10 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Severity-Medium Security_Severity-Medium
Project Member

Comment 11 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Impact-Beta Security_Impact-Beta
Project Member

Comment 12 by bugdroid1@chromium.org, Apr 5 2013

Labels: Cr-Blink
Project Member

Comment 13 by bugdroid1@chromium.org, Apr 6 2013

Labels: -Cr-Content-Plugins-PDF Cr-Internals-Plugins-PDF
Project Member

Comment 14 by sheriffbot@chromium.org, Jun 14 2016

Labels: -security_impact-beta
Project Member

Comment 15 by sheriffbot@chromium.org, Oct 1 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 16 by sheriffbot@chromium.org, Oct 2 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: allpublic
Labels: CVE_description-submitted
Project Member

Comment 19 by sheriffbot@chromium.org, Jul 29

Labels: -Pri-0 Pri-1

Sign in to add a comment