Memory Corruption Vulnerability in Foxit Reader and PhantomPDF
CVE-2015-2790
Currently unrated
Key Information:
- Vendor
- Foxit
- Vendor
- CVE Published:
- 30 March 2015
Summary
Certain versions of Foxit Reader, Enterprise Reader, and PhantomPDF are susceptible to a memory corruption vulnerability. This issue arises due to improper handling of Ubyte Size within a DataSubBlock structure, as well as the LZWMinimumCodeSize in GIF images. Attackers can exploit this vulnerability by crafting malicious GIF images, leading to a denial of service condition through application crashes.
References
EPSS Score
67% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved