CVE-2018-20248
CVE-2018-20248
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Dec 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
Affected products
n/a · Foxit Quick PDF LibraryWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →