CVE-2018-20249

2018-12-2419:00:00

CWE-787

checkpoint

www.cve.org

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.

CNA Affected

[
  {
    "product": "Foxit Quick PDF Library",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to 16.12"
      }
    ]
  }
]

References

www.securityfocus.com/bid/106306

www.foxitsoftware.com/support/security-bulletins.php