PT-2016-7603 · Microsoft+1 · Gflags+3
Publicado
2016-10-31
·
Atualizado
2016-11-29
·
CVE-2016-8875
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit Reader versions prior to 8.1
PhantomPDF versions prior to 8.1
Description
The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and application crash, via a crafted TIFF image. This occurs when the gflags app is enabled.
Recommendations
For Foxit Reader versions prior to 8.1, update to version 8.1 or later to resolve the issue.
For PhantomPDF versions prior to 8.1, update to version 8.1 or later to resolve the issue.
As a temporary workaround, consider disabling the ConvertToPDF plugin until a patch is available.
Correção
DoS
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Converttopdf
Foxit Reader
Phantompdf
Gflags