Vulnerabilities > CVE-2016-8877 - Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf and Reader

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.

Vulnerable Configurations

Part Description Count
Application
Foxitsoftware
2

Common Weakness Enumeration (CWE)