2 matches found
CVE-2020-10906
CVE-2020-10906 affects Foxit Reader/PhantomPDF (Windows) prior to 9.7.2. The flaw is in resetForm and stems from not validating the existence of an object before performing operations, enabling use-after-free that can lead to remote code execution. Exploitation requires user interaction (open a m...
Foxit PDF Reader, PhantomPDF Open to Remote Code Execution
Foxit Software has released patches for dozens of high-severity flaws impacting its PDF reader and editor platforms. The most severe of the bugs, which exist on Windows versions of the software, enable a remote attacker to execute arbitrary code on vulnerable systems. Overall, Foxit Software...