Lucene search
PRIOn knowledge basePRION:CVE-2020-13570HistoryDec 22, 2020 - 6:15 p.m.
Design/Logic Flaw
2020-12-2218:15:00
PRIOn knowledge base
www.prio-n.com
5
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| foxit_reader | eq | 10.1.0.37527 |
Related
cve
cve
CVE-2020-13570
2020-12-22 18:15:12
nvd
nvd
CVE-2020-13570
2020-12-22 18:15:12
talos
talos
Foxit Reader JavaScript remove template use-after-free vulnerability
2020-12-09 00:00:00
cvelist
cvelist
CVE-2020-13570
2020-12-22 17:58:37
kaspersky
kaspersky
KLA12028 Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
2020-12-09 00:00:00
nessus
nessus
Foxit PhantomPDF < 9.7.5 Multiple Vulnerabilities
2020-12-30 00:00:00
Foxit Reader < 10.1.1 Multiple Vulnerabilities
2020-12-23 00:00:00
Foxit PhantomPDF < 10.1.1 Multiple Vulnerabilities
2020-12-23 00:00:00