Launchpad.net

CVE 2017-5032

PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

See the CVE page on Mitre.org for more details.