Integer overflow in the opjtcdgetdecodedtile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "chromium-chromedriver": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-extra-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-chromedriver-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser-l10n": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-extra": "53.0.2785.143-0ubuntu0.14.04.1.1142" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "chromium-chromedriver": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-extra-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-chromedriver-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser-l10n": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-extra": "53.0.2785.143-0ubuntu0.16.04.1.1254" } ] }