The ConvertToPDF plugin in Foxit Reader prior to 8.2.1 and PhantomPDF prior to 8.2.1 on Windows, when the gflags app is enabled, allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware foxit_reader |
||
foxitsoftware phantompdf |