Intrusion PreventionFoxit.Reader.ConvertToPDF.BMP.Out.Of.Bounds.Read
Description
This indicates an attack attempt to exploit an Out of Bounds Read Vulnerability in Foxit Software PhantomPDF.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted BMP file. An attacker can exploit this to disclose sensitive information on the affected machine via a BMP file.
Affected Products
Foxit Software Foxit Reader 9.2.0.9297 and earlier
Foxit Software PhantomPDF 9.2.0.9297 and earlier
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://www.foxitsoftware.com/support/security-bulletins.php#content-2018
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2018-12-28 | 13.515 | Default_action:pass:drop |
| 2018-11-19 | 13.493 | Name:Foxit. Reader. ConvertToPDF. BMP. Out-of-Bounds. Read:Foxit. Reader. ConvertToPDF. BMP. Out. Of. Bounds. Read |
| 2018-11-16 | 13.492 |
| ID | 47049 |
| Created | Nov 19, 2018 |
| Updated | Dec 27, 2018 |
| Risk |
|
| CVE ID | CVE-2018-17686 |
| Exploit Prediction Score | 1.15% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Other |