CVE-2020-17416

HIGH

Foxit Reader and PhantomPDF < 10.0.1.35811 - Remote Code Execution via JPEG2000 Image Parsing

Title source: llm

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11497.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://www.foxitsoftware.com/support/security-bulletins.php

Third Party Advisory, VDB Entry x_refsource_misc

https://www.zerodayinitiative.com/advisories/ZDI-20-1233/

Scores

CVSS v3 7.8

EPSS 0.0178

EPSS Percentile 82.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (2)

foxitsoftware/foxit_reader < 10.0.1.35811

foxitsoftware/phantompdf < 10.0.1.35811

Published Oct 13, 2020

Tracked Since Feb 18, 2026