KLA11398Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

2019-01-10T00:00:00
ID KLA11398
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

01/10/2019

Severity:

Critical

Description:

Multiple vulnerabilities were found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information.

Affected products:

Foxit Reader 9.3.0.10826 and earlier
Foxit PhantomPDF 9.3.0.10826 and earlier

Solution:

Update to the latest version
Download Foxit PhantomPDF
Download Foxit Reader

Original advisories:

CVE-2018-3956
CVE-2018-18688/CVE-2018-18689
ZDI-CAN-7347/ZDI-CAN-7452/ZDI-CAN-7601
ZDI-CAN-7353/ZDI-CAN-7423
ZDI-CAN-7368
ZDI-CAN-7369
ZDI-CAN-7453
ZDI-CAN-7576
ZDI-CAN-7355

Impacts:

OSI

Related products:

Foxit Reader

CVE-IDS:

CVE-2018-39567.8Critical
CVE-2018-186880.0Critical
CVE-2018-186890.0Critical