← back
CVE-2018-20248

CVE-2018-20248

EPSS 1.7%CWE-787
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Dec 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →