Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability

Google PDFium is Google in the BSD 3-Clause license under the open source , based on Foxit technology , embedded in Google Chrome's PDF rendering engine . Google PDFium TIFF Image Flate decoder there are code execution vulnerabilities, attackers can exploit the vulnerabilities lead to memory...

Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability

Summary An off-by-one read/write on the heap vulnerability exists in the TIFF image decoder functionality of Pdfium as used by Google Chrome up to and including 60.0.3112.101. A specially crafted PDF file can trigger an off-by-one read and write on the heap resulting in memory corruption and a...