Multiple integer overflows in the opjtcdinit_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "chromium-chromedriver": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-extra-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-chromedriver-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-dbgsym": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-browser-l10n": "53.0.2785.143-0ubuntu0.14.04.1.1142", "chromium-codecs-ffmpeg-extra": "53.0.2785.143-0ubuntu0.14.04.1.1142" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "chromium-chromedriver": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-extra-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-chromedriver-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-dbgsym": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-browser-l10n": "53.0.2785.143-0ubuntu0.16.04.1.1254", "chromium-codecs-ffmpeg-extra": "53.0.2785.143-0ubuntu0.16.04.1.1254" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-tools": "2.1.2-1.1+deb9u2build0.1", "libopenjpip7": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-7-dev-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-7": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-tools-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-7-dbg": "2.1.2-1.1+deb9u2build0.1", "libopenjpip-server": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-7-dev": "2.1.2-1.1+deb9u2build0.1", "libopenjpip-server-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp3d7-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp3d7": "2.1.2-1.1+deb9u2build0.1", "libopenjp2-7-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjp3d-tools-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjpip7-dbgsym": "2.1.2-1.1+deb9u2build0.1", "libopenjpip-dec-server": "2.1.2-1.1+deb9u2build0.1", "libopenjp3d-tools": "2.1.2-1.1+deb9u2build0.1", "libopenjpip-viewer": "2.1.2-1.1+deb9u2build0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libopenjp2-7-dbg": "2.2.0-1", "libopenjpip-server": "2.2.0-1", "libopenjp2-7-dev": "2.2.0-1", "libopenjp2-tools": "2.2.0-1", "libopenjp2-7": "2.2.0-1", "libopenjp3d7": "2.2.0-1", "libopenjpip7": "2.2.0-1", "libopenjp3d-tools": "2.2.0-1", "libopenjpip-dec-server": "2.2.0-1", "libopenjpip-viewer": "2.2.0-1" } ] }