Description
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93799
Technical Description, Third Party Advisory x_refsource_misc
http://www.talosintelligence.com/reports/TALOS-2016-0201/
Scores
CVSS v3
6.8
EPSS
0.1346
EPSS Percentile
94.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (2)
Foxit Software/Foxit Reader
8.0.2.805
foxitsoftware/reader
8.0.2.805
Published
Jan 06, 2017
Tracked Since
Feb 18, 2026