Write-what-where Condition
CVE-2017-10994
Summary
Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- LOW
- HIGH
- HIGH
CWE-123 - Write-what-where Condition
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.
References
Advisory Timeline
- Published