Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities found for quick_pdf_library by foxitsoftware

    CVE-2018-20248 (GCVE-0-2018-20248)

    Vulnerability from cvelistv5 – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
    Severity
    No CVSS data available.
    CWE
    • CWE-787 - Out-of-bounds Write (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:18.792Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787: Out-of-bounds Write (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20248",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:18.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20247 (GCVE-0-2018-20247)

    Vulnerability from cvelistv5 – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - Stack-based Buffer Overflow (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:18.710Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20247",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:18.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20249 (GCVE-0-2018-20249)

    Vulnerability from cvelistv5 – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
    Severity
    No CVSS data available.
    CWE
    • CWE-787 - Out-of-bounds Write (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:19.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20249",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787: Out-of-bounds Write (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20249",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:19.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20248 (GCVE-0-2018-20248)

    Vulnerability from nvd – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
    Severity
    No CVSS data available.
    CWE
    • CWE-787 - Out-of-bounds Write (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:18.792Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20248",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787: Out-of-bounds Write (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20248",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:18.792Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20247 (GCVE-0-2018-20247)

    Vulnerability from nvd – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow.
    Severity
    No CVSS data available.
    CWE
    • CWE-121 - Stack-based Buffer Overflow (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:18.710Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121: Stack-based Buffer Overflow (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20247",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121: Stack-based Buffer Overflow (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20247",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:18.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20249 (GCVE-0-2018-20249)

    Vulnerability from nvd – Published: 2018-12-24 19:00 – Updated: 2024-08-05 11:58
    VLAI
    Summary
    In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access.
    Severity
    No CVSS data available.
    CWE
    • CWE-787 - Out-of-bounds Write (3.1)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Foxit Quick PDF Library Affected: All versions prior to 16.12
    Date Public
    2018-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:19.146Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106306",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106306"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Foxit Quick PDF Library",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to 16.12"
                }
              ]
            }
          ],
          "datePublic": "2018-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write (3.1)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-26T10:57:02.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "name": "106306",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106306"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2018-20249",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Foxit Quick PDF Library",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to 16.12"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787: Out-of-bounds Write (3.1)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106306",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106306"
                },
                {
                  "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
                  "refsource": "CONFIRM",
                  "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2018-20249",
        "datePublished": "2018-12-24T19:00:00.000Z",
        "dateReserved": "2018-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:58:19.146Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }