Foxit Quick PDF Library Multiple Security Vulnerabilities

Bugtraq ID:	106306
Class:	Boundary Condition Error
CVE:	CVE-2018-20247 CVE-2018-20248 CVE-2018-20249
Remote:	Yes
Local:	No
Published:	Dec 24 2018 12:00AM
Updated:	Dec 24 2018 12:00AM
Credit:	Gal Elbaz, Alon Boxiner, Eran Vaknin and Noa Novogroder from Check Point Software Technologies
Vulnerable:	Foxitsoftware Quick PDF Library 16.11 Foxitsoftware Quick PDF Library 15.11
Not Vulnerable:	Foxitsoftware Quick PDF Library 16.12

Foxit Quick PDF Library Multiple Security Vulnerabilities

Foxit Quick PDF Library is prone to the following vulnerabilities:

1. Multiple stack based buffer-overflow vulnerabilities
2. Multiple denial of service vulnerabilities

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

Foxit Quick PDF Library Multiple Security Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Foxit Quick PDF Library Multiple Security Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.