Searching
..

Click anywhere to stop

KLA10948
Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF

Обновлено: 22/01/2024
Дата обнаружения
23/01/2017
Уровень угрозы
High
Описание

Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This vulnerability can be exploited remotely via a specially designed JPEG image.


Technical details

Vulnerability can be executed only if gflags app is enabled.

Пораженные продукты

Foxit Reader before 8.2
Foxit PhantomPDF before 8.2

Решение

Update to the latest versions
Download Foxit PhantomPDF
Download Foxit Reader

Первичный источник обнаружения
Foxit Security bulletins
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]
Связанные продукты
Foxit Reader
Foxit Phantom PDF
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе