Google Chrome 2.0.172.33 Buffer Overflow Vulnerability

Summary

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.

Credit:

The information has been provided by Google
The original article can be found at: https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html


Details

Google Chrome is prone to a overflow vulnerability.This allows a remote attackers to execute arbitrary code via crafted packets and cause a denial of service (memory corruption)

Vulnerable Systems:

  • Google Chrome 0.1.38.1
  • Google Chrome 0.1.38.2
  • Google Chrome 0.1.38.4
  • Google Chrome 0.1.40.1
  • Google Chrome 0.1.42.2
  • Google Chrome 0.1.42.3
  • Google Chrome 0.2.149.27
  • Google Chrome 0.2.149.29
  • Google Chrome 0.2.149.30
  • Google Chrome 0.2.152.1
  • Google Chrome 0.2.153.1
  • Google Chrome 0.3.154.0
  • Google Chrome 0.3.154.3
  • Google Chrome 0.4.154.18
  • Google Chrome 0.4.154.22
  • Google Chrome 0.4.154.31
  • Google Chrome 0.4.154.33
  • Google Chrome 1.0.154.36
  • Google Chrome 1.0.154.39
  • Google Chrome 1.0.154.42
  • Google Chrome 1.0.154.43
  • Google Chrome 1.0.154.46
  • Google Chrome 1.0.154.48
  • Google Chrome 1.0.154.52
  • Google Chrome 1.0.154.53
  • Google Chrome 1.0.154.59
  • Google Chrome 1.0.154.64
  • Google Chrome 1.0.154.65
  • Google Chrome 2.0.156.1
  • Google Chrome 2.0.157.0
  • Google Chrome 2.0.157.2
  • Google Chrome 2.0.158.0
  • Google Chrome 2.0.159.0
  • Google Chrome 2.0.169.0
  • Google Chrome 2.0.169.1
  • Google Chrome 2.0.170.0
  • Google Chrome 2.0.172
  • Google Chrome 2.0.172.2
  • Google Chrome 2.0.172.8
  • Google Chrome 2.0.172.27
  • Google Chrome 2.0.172.28
  • Google Chrome 2.0.172.30
  • Google Chrome 2.0.172.31
  • Google Chrome 2.0.172.33
  • Google Chrome 2.0.172.37

CVE Information:

CVE-2019-5795

Disclosure Timeline:
Publish Date:05/23/2019

Categories: News