CVE-2016-8334
First published: Fri Jan 06 2017(Updated: )
A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foxit Reader for Windows | =8.0.2.805 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-8334?
CVE-2016-8334 is classified as a medium severity vulnerability due to its potential for information disclosure.
How do I fix CVE-2016-8334?
To fix CVE-2016-8334, update Foxit PDF Reader to the latest version where the vulnerability has been addressed.
What type of vulnerability is CVE-2016-8334?
CVE-2016-8334 is an out-of-bounds read vulnerability on the heap that can lead to information disclosure.
Which versions of Foxit Reader are affected by CVE-2016-8334?
CVE-2016-8334 specifically affects Foxit Reader version 8.0.2.805.
Can CVE-2016-8334 be exploited remotely?
CVE-2016-8334 can potentially be exploited if a user opens a malicious PDF file, leading to information disclosure.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/foxitsoftware
- canonical/foxit reader for windows
- version/foxit reader for windows/8.0.2.805