In Foxit Reader prior to 9.1 and Foxit PhantomPDF prior to 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can leverage this to execute code in the context of the current process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware phantompdf |
||
foxitsoftware foxit reader |