Searching
..

Click anywhere to stop

KLA11398
Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Обновлено: 22/01/2024
Дата обнаружения
10/01/2019
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Out-of-bounds Write/Read vulnerability can be exploited remotely to cause denial of service;
  2. Validation Bypass vulnerability can be exploited remotely to obtain sensitive information.
Пораженные продукты

Foxit Reader 9.3.0.10826 and earlier
Foxit PhantomPDF 9.3.0.10826 and earlier

Решение

Update to the latest version
Download Foxit PhantomPDF
Download Foxit Reader

Первичный источник обнаружения
CVE-2018-3956
CVE-2018-18688/CVE-2018-18689
ZDI-CAN-7347/ZDI-CAN-7452/ZDI-CAN-7601
ZDI-CAN-7353/ZDI-CAN-7423
ZDI-CAN-7368
ZDI-CAN-7369
ZDI-CAN-7453
ZDI-CAN-7576
ZDI-CAN-7355
Оказываемое влияние
?
OSI 
[?]

DoS 
[?]
Связанные продукты
Foxit Reader
Foxit Phantom PDF
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе