CVE-2016-4059
published 2016-04-22CVE-2016-4059: Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | foxit_reader | <= 7.3.0.118 | — |
| foxitsoftware | phantompdf | <= 7.3.0.118 | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/85379http://www.zerodayinitiative.com/advisories/ZDI-16-221https://www.foxitsoftware.com/support/security-bulletins.phphttp://www.securityfocus.com/bid/85379http://www.zerodayinitiative.com/advisories/ZDI-16-221https://www.foxitsoftware.com/support/security-bulletins.php
2016-04-22
Published