CVE-2018-20247

Name of the Vulnerable Software and Affected Versions Foxit Quick PDF Library versions prior to 16.12

Description The issue arises when loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile(), LoadFromString(), or LoadFromStream() functions, resulting in a stack overflow. This can also be described as a buffer overflow in memory, potentially allowing an attacker to cause a denial of service using a specially crafted malicious PDF file.

Recommendations For Foxit Quick PDF Library versions prior to 16.12, update to version 16.12 or later to resolve the issue. As a temporary workaround, consider restricting the use of the LoadFromFile(), LoadFromString(), and LoadFromStream() functions until a patch is available.