Description
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.
References (3)
Core 3
Core References
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/153214
Exploit, Third Party Advisory x_refsource_misc
https://github.com/Yan-1-20/Yan-1-20.github.io/blob/master/2018/11/20/2018/11/2018-11-20/index.html
Broken Link x_refsource_misc
https://yan-1-20.github.io/2018/11/20/2018/11/2018-11-20/
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
12.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (1)
foxitsoftware/foxit_reader
9.3.0.10826
Published
Nov 20, 2018
Tracked Since
Feb 18, 2026