HTTP: Foxit PDF Reader JBIG2 Symbol Dictionary Out of Bounds Read
An out-of-bounds vulnerability has been reported in the JBIG2 component of Foxit PDF Reader. Successful exploitation could result in disclosure of information which could be used to further compromise the target system.
Extended Description
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR.
Affected Products
Foxitsoftware reader
Short Name
HTTP:FOXIT-PDF-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bounds CVE-2016-8334 Dictionary Foxit JBIG2 Out PDF Read Reader Symbol bid:93799 of
Release Date
03/16/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Foxitsoftware
CVSS Score
4.3