English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10948
Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF
Updated: 06/03/2020
|
Detect date
?
|
01/23/2017 |
|
Severity
?
|
High |
|
Description
|
Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This vulnerability can be exploited remotely via a specially designed JPEG image. Technical details Vulnerability can be executed only if gflags app is enabled. |
|
Affected products
|
Foxit Reader before 8.2 |
|
Solution
|
Update to the latest versions |
|
Original advisories
|
|
|
Impacts
?
|
ACE [?] OSI [?] DoS [?] |
|
Related products
|
Foxit Reader Foxit Phantom PDF |
|
CVE-IDS
?
|
|
| Find out the statistics of the vulnerabilities spreading in your region |