PDFium vulnerability in Google Chrome enabled arbitrary code execution

Researchers spotted an arbitrary code execution vulnerability in the Chrome browser.

Cisco Talos researchers spotted a vulnerability in PDFium, Google Chrome's default PDF reader, that could allow an attacker to gain arbitrary code execution.

The bug was caused by a heap buffer overflow vulnerability in the jpeg2000 image parser library used by PDFium, Cisco Talos threat researcher Earl Carter said in a June 8 blog post.

An attacker could have exploited the vulnerability if a user viewed a PDF document that included an embedded jpeg2000 image, the post said.

“The most effective attack vector is for the threat actor to place a malicious PDF file on a website and then redirect victims to the website using either phishing emails or even malvertising,” Carter told SCMagazine via emailed comments.

Researchers promptly notified Google and a patch was released on May 25. Chrome updates itself automatically, so users only need to ensure they have restarted their browser since the release of the patch.
