The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
CPE | Name | Operator | Version |
---|---|---|---|
foxit_reader | le | 8.2.0.2051 | |
phantompdf | le | 8.2.0.2192 |