Описание
The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue.
Ссылки
- VDB Entry
- PatchVendor Advisory
- VDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0.5 (включая)Версия до 8.0.5 (включая)
Одно из
cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:windows:*:*
cpe:2.3:a:foxitsoftware:reader:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 25%
0.00088
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue.
EPSS
Процентиль: 25%
0.00088
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-787