This template is ONLY for reporting security bugs. If you are reporting a
Download Protection Bypass bug, please use the "Security - Download
Protection" template. For all other reports, please use a different
template.
Please READ THIS FAQ before filing a bug: https://chromium.googlesource.com
/chromium/src/+/master/docs/security/faq.md
Please see the following link for instructions on filing security bugs:
https://www.chromium.org/Home/chromium-security/reporting-security-bugs
NOTE: Security bugs are normally made public once a fix has been widely
deployed.
VULNERABILITY DETAILS
Chrome application "LuminPDF" strips security setting from a secured PDF. For example if I upload and secured pdf in my GOOGLE DRIVE. I can view it using LuminPDF. If I chose to print to PDF, the pdf security settings are lost therefore it is now an unsecure PDF. This is very major issue being that a malicous person could either delete or alter digitally signed documents. Beeng in the military we rely on digital signatures very heavily.Google Drive is also heavily used and by LuminPDF being the default pdf viewer, this is a huge security issue.
VERSION
CHROME LuminPDF
|
Deleted:
LuminPDF-Security.pdf
296 KB
|
Comment 1 by mea...@chromium.org
, Sep 15 2017Status: Duplicate (was: Unconfirmed)