Arbitrary code execution vulnerability in PDFium in Google Chrome via a crafted JPEG 2000 image in a PDF document (deb)ID: oval:org.secpod.oval:def:33049 | Date: (C)2016-02-22 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 48.0.2564.109 and is prone to an arbitrary code execution vulnerability. Aflaw is present in the application, which fails to handle a crafted JPEG 2000 image in a PDF document. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read).