The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2014-10-08T10:00:00

Updated: 2024-08-06T10:35:57.101Z

Reserved: 2014-05-03T00:00:00

Link: CVE-2014-3189

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-10-08T10:55:06.300

Modified: 2024-11-21T02:07:37.833

Link: CVE-2014-3189

cve-icon Redhat

Severity : Critical

Publid Date: 2014-10-07T00:00:00Z

Links: CVE-2014-3189 - Bugzilla