CVE-2016-8875

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor."
References
Link Resource
https://www.foxitsoftware.com/support/security-bulletins.php Patch Vendor Advisory
http://www.securityfocus.com/bid/93608 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:windows:*:*
cpe:2.3:a:foxitsoftware:reader:*:*:*:*:*:windows:*:*

Information

Published : 2016-10-31 03:59

Updated : 2016-11-29 11:26


NVD link : CVE-2016-8875

Mitre link : CVE-2016-8875


JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa

Products Affected

foxitsoftware

  • reader
  • phantompdf