2 matches found
CVE-2020-10909
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-10909
Foxit PhantomPDF (and related Foxit PDF products) is affected by CVE-2020-10909 due to a type-confusion in the AddWatermark handling of the communication API. The root cause is improper validation of user-supplied data, enabling remote code execution on the current process after user interaction ...