Heap-based Buffer Overflow in Foxit Reader 7.3.4.311 Allows Remote Code Execution

Heap-based Buffer Overflow in Foxit Reader 7.3.4.311 Allows Remote Code Execution

CVE-2016-3740 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. This is fixed in 8.0.

Learn more about our Web Application Penetration Testing UK.