3 matches found
CVE-2020-17413
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit 3D Plugin Beta 9.x < 9.7.4.29600 / 10.x < 10.1.0.37494 RCE
The version of the Foxit 3D plugin installed on the remote Windows host is 9.x prior to 9.7.4.29600, or 10.x prior to 10.1.0.37494. It is, therefore affected by an Out-of-Bounds Read/Write or Stack-based Buffer Overflow vulnerability due to improper validation of data when parsing certain U3D...
CVE-2020-17413
Foxit PhantomPDF 10.0.0.35798 is affected by CVE-2020-17413 due to a stack-based buffer overflow when parsing U3D objects in PDFs. The root cause is improper validation of the length of user-supplied data before copying to a fixed-length stack buffer, enabling remote code execution with required ...