CVE-2017-14818 in Foxitinformazioni

Riassunto

di MITRE

This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-4982.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

27/09/2017

Divulgazione

20/12/2017

Moderazione

accettato

Voce

VDB-110861

CPE

pronto

CWE

CWE-125 (confermato)

CVSS

6.5 (NVD)

EPSS

0.02456

KEV

Attività

molto basso

Settore

Government, Education, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-14818
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-14818
CVE Details	https://www.cvedetails.com/cve/CVE-2017-14818/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!