Beschreibung
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service and execute arbitrary code.
Below is a complete list of vulnerabilities:
- An unsafe DLL loading vulnerability can be exploited remotely to execute arbitrary code;
- A heap buffer overflow can be exploited remotely to execute arbitrary code;
- Multiple use-after-free vulnerabilities can be exploited remotely to execute arbitrary code;
- An uninitialized memory/pointer vulnerability can be exploited remotely to obtain sensitive information and execute arbitrary code;
- An out-of-bounds read/write vulnerability can be exploited remotely to obtain sensitive information and execute arbitrary code;
- Multiple type confusion vulnerabilities can be exploited remotely to cause denial of service and execute arbitrary code;
- An use-after-free vulnerability can be exploited remotely to obtain sensitive information and execute arbitrary code;
- Multiple unspecified vulnerabilities can be exploited remotely to obtain sensitive information and execute arbitrary code;
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2018-3850 critical
- CVE-2018-3842 critical
- CVE-2018-3843 critical
- CVE-2018-10302 critical
- CVE-2018-10303 critical
- CVE-2018-3853 critical
- CVE-2017-17557 critical
- CVE-2017-14458 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!