| tiêu đề | CVE-2020-27860 - circumventing security precautions in Foxit Reader |
|---|
| Mô tả | Addressed a potential issue where the application could be exposed to Out-of-Bounds Write Remote Code Execution vulnerability and crash while processing certain XFA templates. This occurs during the process of modifying control attributes and appending nodes as the application fails to validate and uses certain type of object that is explicitly converted from a wrong layout object created by the appended template node (CVE-2020-27860). |
|---|
| Nguồn | ⚠️ https://www.foxitsoftware.com/support/security-bulletins.html |
|---|
| Người dùng | CSieberg (UID 13359) |
|---|
| Đệ trình | 08/02/2021 11:56 (cách đây 5 những năm) |
|---|
| Kiểm duyệt | 08/02/2021 13:13 (1 hour later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 169367 [Foxit PhantomPDF đến 9.7.4.29600 XFA Template tràn bộ đệm] |
|---|
| điểm | 20 |
|---|