Vulnerability Spotlight: Google PDFium Tiff Code Execution

Overview Talos is disclosing a single off-by-one read/write vulnerability found in the TIFF image decoder functionality of PDFium as used in Google Chrome up to and including version 60.0.3112.101. Google Chrome is the most widely used web browser today and a specially crafted PDF could trigger the vulnerability resulting in memory corruption, possible information leak, […]

from Cisco Blog » Security http://ift.tt/2yAC6E1