mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-16 20:27:21 +00:00
21 lines
1.2 KiB
Markdown
21 lines
1.2 KiB
Markdown
|
### [CVE-2017-16584](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16584)
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within util.printf. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5290.
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
No PoCs from references.
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/ARPSyndicate/cvemon
|
||
|
|
- https://github.com/lnick2023/nicenice
|
||
|
|
- https://github.com/qazbnm456/awesome-cve-poc
|
||
|
|
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
|
||
|
|
|