The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2014-10-08T10:00:00

Updated: 2024-08-06T10:35:57.090Z

Reserved: 2014-05-03T00:00:00

Link: CVE-2014-3198

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-10-08T10:55:06.737

Modified: 2024-11-21T02:07:38.827

Link: CVE-2014-3198

cve-icon Redhat

Severity : Critical

Publid Date: 2014-10-07T00:00:00Z

Links: CVE-2014-3198 - Bugzilla