Lucene search
PRIOn knowledge basePRION:CVE-2018-17679HistoryJan 24, 2019 - 4:29 a.m.
Design/Logic Flaw
2019-01-2404:29:00
PRIOn knowledge base
www.prio-n.com
2
0.01 Low
EPSS
Percentile
83.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. By manipulating a document’s elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6890.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phantompdf | le | 9.2.0.9297 | |
| reader | le | 9.2.0.9297 |
Related
zdi
zdi
Foxit Reader PDF Parsing Use-After-Free Remote Code Execution Vulnerability
2018-10-11 00:00:00
nvd
nvd
CVE-2018-17679
2019-01-24 04:29:03
cvelist
cvelist
CVE-2018-17679
2019-01-24 04:00:00
cve
cve
CVE-2018-17679
2019-01-24 04:29:03
openvas
openvas
Foxit Reader < 9.3 Multiple Vulnerabilities (Jun 2019) - Windows
2019-06-28 00:00:00