1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bug in Chrome’s PDF reader allows arbitrary code execution

Discussion in 'Help Net Security' started by RSS, Jun 9, 2016.

  1. RSS

    RSS New Member Member

    Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow vulnerability affecting PDFium, the default PDF reader that is included in the Google Chrome web browser. The vulnerability is present in OpenJPEG, the underlying jpeg2000 parsing library. “An existing assert call in the OpenJPEG library prevents the heap overflow in standalone builds, but in the build included in release versions of Chrome, … More →

    Continue reading...

Share This Page