In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists in the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from a lack of proper validation of the biSize member, which can result in a heap-based buffer overflow. An attacker can leverage this to execute code in the context of the current process.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-24T20:00:00
Updated: 2024-08-05T20:51:32.366Z
Reserved: 2017-12-12T00:00:00
Link: CVE-2017-17557
NVD
Status: Analyzed
Published: 2018-04-24T20:29:00.357
Modified: 2018-06-05T14:33:07.810
Link: CVE-2017-17557