Lucene search

CVE-2018-17694

🗓️ 24 Jan 2019 04:04:29Reported by zdiType

Remote code execution in Foxit PhantomPDF 9.2.0.9297 via display property handling

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Prion	Design/Logic Flaw	24 Jan 201904:29	–	prion
Cvelist	CVE-2018-17694	24 Jan 201904:00	–	cvelist
NVD	CVE-2018-17694	24 Jan 201904:29	–	nvd
Zero Day Initiative	Foxit PhantomPDF display Use-After-Free Remote Code Execution Vulnerability	11 Oct 201800:00	–	zdi
0day.today	HighPortal 12.5 Cross Site Scripting Vulnerability	16 Oct 201800:00	–	zdt
Packet Storm	HighPortal 12.5 Cross Site Scripting	16 Oct 201800:00	–	packetstorm
OpenVAS	Foxit PhantomPDF < 8.3.8, 9.x < 9.3 Multiple Vulnerabilities (Jun 2019) - Windows	28 Jun 201900:00	–	openvas

Nvd

Vulners

Node

foxitsoftware phantompdfRange≤9.2.0.9297

foxitsoftware readerRange≤9.2.0.9297

AND

microsoft windowsMatch-

[
  {
    "product": "PhantomPDF",
    "vendor": "Foxit",
    "versions": [
      {
        "status": "affected",
        "version": "9.2.0.9297"
      }
    ]
  }
]

Source	Link
foxitsoftware	www.foxitsoftware.com/support/security-bulletins.php
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-18-1224/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Jan 2019 04:29Current

8.8High risk

Vulners AI Score8.8

CVSS26.8

CVSS38.8

EPSS0.00566

CWE-416