Foxit.Reader.and.PhantomPDF.ConvertToPDF.SIZ.Integer.Overflow
Description
This indicates an attack attempt to exploit an Integer Overflow Vulnerability in Foxit Software PhantomPDF.
This vulnerability is due to improper parsing of image files within ConvertToPDF. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted webpage or maliciously crafted JPEG2000 Contiguous Codestream data. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.
Affected Products
Foxit Software Foxit Reader 9.7.0.29478 and earlier
Foxit Software PhantomPDF 9.7.0.29455 and earlier
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.foxitsoftware.com/support/security-bulletins.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |