Vulnerability Details CVE-2017-6883
The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.2%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 2.6
References
- http://www.securityfocus.com/bid/96870
- http://www.zerodayinitiative.com/advisories/ZDI-17-133/
- https://www.foxitsoftware.com/support/security-bulletins.php
- http://www.securityfocus.com/bid/96870
- http://www.zerodayinitiative.com/advisories/ZDI-17-133/
- https://www.foxitsoftware.com/support/security-bulletins.php
Products affected by CVE-2017-6883
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.0.0111
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.0.0824
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.1.0901
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.2.1013
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.2.1030
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4.1125
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2.0.0303
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2.1.0401
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.0.0430
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1.0520
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.0.0.0619
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.1.0.0726
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.1.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.1.1.0805
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.2.0.0928
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.3.0.1110
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.3.1.0218
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.0.1.0523
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.0.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.0.2.0718
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.1.0.1021
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.1.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.1.3.1201
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.1.4.0104
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.3.0.0423
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.3.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.3.1.0606
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4.2.0901
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4.3.0920
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4.5
-
cpe:2.3:a:foxitsoftware:foxit_reader:5.4.5.0114
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0.2.0413
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0.3.0524
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0.5
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.0.5.0618
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1.1.1031
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1.2.1224
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.1.4.0217
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.2.0.0429
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.2.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:6.2.1.0618
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.0.3.916
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.0.6
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.0.6.1126
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.1.0.306
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.1.5
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.1.5.425
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2.0.722
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2.2.0929
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2.8
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.2.8.1124
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.3.0.118
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.3.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:7.3.4.311
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.0.0.624
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.0.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.0.2.805
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1.0.1013
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1.1.1115
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.1.4.1208
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:8.2.0.2051
-
cpe:2.3:a:foxitsoftware:phantompdf:1.0.2
-
cpe:2.3:a:foxitsoftware:phantompdf:2.0
-
cpe:2.3:a:foxitsoftware:phantompdf:2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.1.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2.3
-
cpe:2.3:a:foxitsoftware:phantompdf:3.0.1
-
cpe:2.3:a:foxitsoftware:phantompdf:3.3
-
cpe:2.3:a:foxitsoftware:phantompdf:3.4
-
cpe:2.3:a:foxitsoftware:phantompdf:4.0
-
cpe:2.3:a:foxitsoftware:phantompdf:4.1
-
cpe:2.3:a:foxitsoftware:phantompdf:5.0.2
-
cpe:2.3:a:foxitsoftware:phantompdf:5.0.2.0721
-
cpe:2.3:a:foxitsoftware:phantompdf:5.0.3
-
cpe:2.3:a:foxitsoftware:phantompdf:5.0.3.0811
-
cpe:2.3:a:foxitsoftware:phantompdf:5.1
-
cpe:2.3:a:foxitsoftware:phantompdf:5.1.1.1214
-
cpe:2.3:a:foxitsoftware:phantompdf:5.1.2
-
cpe:2.3:a:foxitsoftware:phantompdf:5.1.2.0305
-
cpe:2.3:a:foxitsoftware:phantompdf:5.2
-
cpe:2.3:a:foxitsoftware:phantompdf:5.2.0.0502
-
cpe:2.3:a:foxitsoftware:phantompdf:5.2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:5.2.1.0615
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4.0.0902
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4.2
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4.2.0918
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4.3
-
cpe:2.3:a:foxitsoftware:phantompdf:5.4.3.1106
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0.2.0413
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0.5
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0.5.0618
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0.7
-
cpe:2.3:a:foxitsoftware:phantompdf:6.0.7.0806
-
cpe:2.3:a:foxitsoftware:phantompdf:6.1
-
cpe:2.3:a:foxitsoftware:phantompdf:6.1.1.1025
-
cpe:2.3:a:foxitsoftware:phantompdf:6.1.2
-
cpe:2.3:a:foxitsoftware:phantompdf:6.1.2.1227
-
cpe:2.3:a:foxitsoftware:phantompdf:6.2
-
cpe:2.3:a:foxitsoftware:phantompdf:6.2.0.0429
-
cpe:2.3:a:foxitsoftware:phantompdf:6.2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:6.2.1.0168
-
cpe:2.3:a:foxitsoftware:phantompdf:7.0
-
cpe:2.3:a:foxitsoftware:phantompdf:7.0.3.916
-
cpe:2.3:a:foxitsoftware:phantompdf:7.0.6
-
cpe:2.3:a:foxitsoftware:phantompdf:7.0.6.1126
-
cpe:2.3:a:foxitsoftware:phantompdf:7.1
-
cpe:2.3:a:foxitsoftware:phantompdf:7.1.0.306
-
cpe:2.3:a:foxitsoftware:phantompdf:7.1.3.320
-
cpe:2.3:a:foxitsoftware:phantompdf:7.1.5
-
cpe:2.3:a:foxitsoftware:phantompdf:7.1.5.425
-
cpe:2.3:a:foxitsoftware:phantompdf:7.2
-
cpe:2.3:a:foxitsoftware:phantompdf:7.2.0.0722
-
cpe:2.3:a:foxitsoftware:phantompdf:7.2.0.722
-
cpe:2.3:a:foxitsoftware:phantompdf:7.2.2
-
cpe:2.3:a:foxitsoftware:phantompdf:7.2.2.0929
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.0.0118
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.0.118
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.11
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.11.1122
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.13
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.13.421
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.15
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.15.712
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.17
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.17.906
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.4
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.4.0311
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.4.311
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.9
-
cpe:2.3:a:foxitsoftware:phantompdf:7.3.9.0816
-
cpe:2.3:a:foxitsoftware:phantompdf:8.0
-
cpe:2.3:a:foxitsoftware:phantompdf:8.0.0.624
-
cpe:2.3:a:foxitsoftware:phantompdf:8.0.2
-
cpe:2.3:a:foxitsoftware:phantompdf:8.0.2.805
-
cpe:2.3:a:foxitsoftware:phantompdf:8.0.5
-
cpe:2.3:a:foxitsoftware:phantompdf:8.1
-
cpe:2.3:a:foxitsoftware:phantompdf:8.1.0.1013
-
cpe:2.3:a:foxitsoftware:phantompdf:8.1.1
-
cpe:2.3:a:foxitsoftware:phantompdf:8.1.1.1115
-
cpe:2.3:a:foxitsoftware:phantompdf:8.2
-
cpe:2.3:a:foxitsoftware:phantompdf:8.2.0.2192
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista