Foxitsoftware » Foxit Reader : Security Vulnerabilities, CVEs, Published In 2016 (Overflow)
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.
Max CVSS
7.8
EPSS Score
0.30%
Published
2016-04-22
Updated
2016-11-08
The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption.
Max CVSS
7.4
EPSS Score
0.07%
Published
2016-04-13
Updated
2016-04-19
2 vulnerabilities found