KLA11398
Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Updated: 06/03/2020
Detect date: 01/10/2019
Severity: Critical

Description

Multiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to cause denial of service or obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An out-of-bounds write/read vulnerability can be exploited remotely to cause denial of service;
  2. A validation bypass vulnerability can be exploited remotely to obtain sensitive information.

Affected products

Foxit Reader 9.3.0.10826 and earlier
Foxit PhantomPDF 9.3.0.10826 and earlier

Solution

Update to the latest version
Download Foxit PhantomPDF
Download Foxit Reader

Original advisories

CVE-2018-3956
CVE-2018-18688/CVE-2018-18689
ZDI-CAN-7347/ZDI-CAN-7452/ZDI-CAN-7601
ZDI-CAN-7353/ZDI-CAN-7423
ZDI-CAN-7368
ZDI-CAN-7369
ZDI-CAN-7453
ZDI-CAN-7576
ZDI-CAN-7355

Impacts

OSI
DoS

Related products
Foxit Reader
Foxit Phantom PDF

CVE-IDS

CVE-2018-3956     5.8    High
CVE-2018-18688    5.0    Critical
CVE-2018-18689    5.0    Critical