3 matches found
CVE-2019-17139
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17139
Foxit PhantomPDF 9.5.0.20723 is affected by CVE-2019-17139 due to an out-of-bounds write in the HTML2PDF plugin while processing JavaScript. The flaw arises from insufficient validation of user-supplied data, enabling remote code execution in the context of the current process. Exploitation requi...