Stackexploit

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 55.0.2883.75 for Mac, Windows, and Linux Google Chrome version prior to 55.0.2883.84 for Android Opera (affected versions not specified) **Description** The issue is caused by a heap buffer overflow during TIFF image parsing in the PDFium component. This allows a remote attacker to potentially exploit heap corruption via a crafted PDF file. The attacker could gain access to protected information using this specially created file. **Recommendations** For Google Chrome versions prior to 55.0.2883.75 on Mac, Windows, and Linux, update to version 55.0.2883.75 or later. For Google Chrome version prior to 55.0.2883.84 on Android, update to version 55.0.2883.84 or later. For Opera, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** OpenJPEG versions prior to 52.0.2743.116 Google Chrome versions prior to 52.0.2743.116 Opera versions prior to 52.0.2743.116 **Description** A heap-based buffer overflow issue exists in the `opj j2k read SQcd SQcc` function in `j2k.c` in OpenJPEG. This allows remote attackers to cause a denial of service or possibly have other unspecified impacts via crafted JPEG 2000 data. **Recommendations** For OpenJPEG versions prior to 52.0.2743.116, update to version 52.0.2743.116 or later to resolve the issue. For Google Chrome versions prior to 52.0.2743.116, update to version 52.0.2743.116 or later to resolve the issue. For Opera versions prior to 52.0.2743.116, update to version 52.0.2743.116 or later to resolve the issue. As a temporary workaround, consider disabling the `opj j2k read SQcd SQcc` function until a patch is available.