Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF

Описание

Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This vulnerability can be exploited remotely via a specially designed JPEG image.

---

Technical details

Vulnerability can be executed only if gflags app is enabled.

Первичный источник обнаружения

• Foxit Security bulletins
  

Связанные продукты

• Foxit-Reader
• Foxit-Phantom-PDF

Список CVE

• CVE-2017-5556
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com