PT-2016-7605 · Foxit · Foxit Reader+1
Published
2016-10-31
·
Updated
2016-11-29
·
CVE-2016-8877
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit Reader and PhantomPDF versions prior to 8.1
Description
A heap buffer overflow issue, also referred to as an "out-of-bounds write" or "corrupted suffix pattern," exists in the handling of crafted JPEG2000 images embedded in PDF documents. This allows remote attackers to potentially execute arbitrary code.
Recommendations
For Foxit Reader and PhantomPDF versions prior to 8.1, update to version 8.1 or later to resolve the issue.
Fix
RCE
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Reader
Phantompdf