Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

Описание

Multiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. Use after free vulnerability in PDF file can be exploited remotely to execute arbitrary code and cause denial of service.
2. A denial of service vulnerability in PDF file can be exploited to potentially cause denial of service.
3. Memory corruption vulnerability in PDF JavaScript API can be exploited renotely to execute arbitrary code or cause denial of service.
4. Out of bounds write vulnerability in XFA templates can be exploited remotely to execute arbitrary code and cause denial of service.

Первичный источник обнаружения

• Foxit Security Bulletins
  

Связанные продукты

• Foxit-Reader
• Foxit-Phantom-PDF

Список CVE

• CVE-2020-13560
  critical
• CVE-2020-13570
  critical
• CVE-2020-13548
  critical
• CVE-2020-28203
  high
• CVE-2020-13547
  critical
• CVE-2020-13557
  critical
• CVE-2020-27860
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com