Buffer overflow in Foxit Quick PDF Library
CVE-2018-20247
In Foxit Quick PDF Library (all versions prior to 16.12), loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFromStream functions results in a stack ove…
Vulnerability class: Buffer Overflow
EPSS: 0.545 (98.9th percentile)
Affected products
- Foxit Quick PDF Library (vendor: n/a): all versions prior to 16.12
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 106306 (vdb-entry, x_refsource_BID)
- www.foxitsoftware.com/support/security-bulletins.php (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2018-20247?
  - CVE-2018-20247 is a vulnerability in Foxit Quick PDF Library, classified under Stack-based Buffer Overflow. Published 2018-12-24.
- Is CVE-2018-20247 known to be exploited?
  - 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.