CVE-2017-6883
published 2017-03-14CVE-2017-6883: The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a…
medium4.7CVSS 3.0
AVLACHPRNUIRSUCHINAN
The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | foxit_reader | <= 8.2.0.2051 | — |
| foxitsoftware | phantompdf | <= 8.2.0.2192 | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/96870http://www.zerodayinitiative.com/advisories/ZDI-17-133/https://www.foxitsoftware.com/support/security-bulletins.phphttp://www.securityfocus.com/bid/96870http://www.zerodayinitiative.com/advisories/ZDI-17-133/https://www.foxitsoftware.com/support/security-bulletins.php
2017-03-14
Published