CVE-2022-0306

EPSS 85.4%

In short

A memory error in PDFium (PDF viewer in Chrome) allows attackers to crash your browser or potentially execute malicious code by tricking you into viewing a specially crafted webpage.

Technical detail

Heap buffer overflow in PDFium's PDF parsing module affects Chrome versions before 97.0.4692.99. Remote attack vector via crafted HTML/PDF content; no user privileges required. Potential for arbitrary code execution or denial of service through heap memory corruption.

Summary generated and translated by AI from the official description.

Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected products

Google · Chrome

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html https://crbug.com/1283198