Lucene search
PRIOn knowledge basePRION:CVE-2017-17557HistoryApr 24, 2018 - 8:29 p.m.
Heap overflow
2018-04-2420:29:00
PRIOn knowledge base
www.prio-n.com
6
0.542 Medium
EPSS
Percentile
97.6%
In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can leverage this to execute code in the context of the current process.
| CPE | Name | Operator | Version |
|---|---|---|---|
| foxit_reader | lt | 9.1 | |
| phantompdf | lt | 9.1 |
Related
cvelist
cvelist
CVE-2017-17557
2018-04-24 20:00:00
checkpoint_advisories
checkpoint_advisories
Foxit Reader BMP biWidth Heap-based Buffer Overflow (CVE-2017-17557)
2018-05-14 00:00:00
cve
cve
CVE-2017-17557
2018-04-24 20:29:00
nvd
nvd
CVE-2017-17557
2018-04-24 20:29:00
srcincite
srcincite
nessus
nessus
Foxit Reader < 9.1 Multiple Vulnerabilities
2018-04-27 00:00:00
Foxit PhantomPDF < 9.1 Multiple Vulnerabilities
2018-04-27 00:00:00
Foxit PhantomPDF < 8.3.6 Multiple Vulnerabilities
2018-12-21 00:00:00
openvas
openvas
Foxit PhantomPDF Multiple Vulnerabilities (Apr 2018) - Windows
2018-04-25 00:00:00
Foxit PhantomPDF Multiple Vulnerabilities (May 2018) - Windows
2018-05-18 00:00:00
Foxit Reader Multiple Vulnerabilities (Apr 2018) - Windows
2018-04-25 00:00:00
kaspersky
kaspersky
KLA11237 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
2018-04-19 00:00:00