The ConvertToPDF plugin in Foxit Reader prior to 8.2 and PhantomPDF prior to 8.2 on Windows, when the gflags app is enabled, allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware phantompdf 8.1.1.1115 |
||
foxitsoftware foxit_reader 8.1.4.1208 |