Vulnerability Description
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxitsoftware | Quick Pdf Library | < 16.12 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106306Third Party AdvisoryVDB Entry
- https://www.foxitsoftware.com/support/security-bulletins.phpVendor Advisory
- http://www.securityfocus.com/bid/106306Third Party AdvisoryVDB Entry
- https://www.foxitsoftware.com/support/security-bulletins.phpVendor Advisory
FAQ
What is CVE-2018-20248?
CVE-2018-20248 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, Loa...
How severe is CVE-2018-20248?
CVE-2018-20248 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-20248?
Check the references section above for vendor advisories and patch information. Affected products include: Foxitsoftware Quick Pdf Library.