CVE-2018-20249

CWE-787Out-of-bounds WriteCWE-119Buffer Overflow3 documents3 sources
Severity
8.8HIGH
EPSS
1.4%
top 19.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Foxitsoftware Quick PDF Library
Timeline
PublishedDec 24
Latest updateMay 13

Description

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5foxit_quick_pdf_libraryAll versions prior to 16.12

🔴Vulnerability Details

2
GHSA
GHSA-g27j-669g-qwj2: In Foxit Quick PDF Library (all versions prior to 162022-05-13
CVEList
CVE-2018-20249: In Foxit Quick PDF Library (all versions prior to 162018-12-24
CVE-2018-20249 (HIGH CVSS 8.8) | In Foxit Quick PDF Library (all ver | cvebase.io