3 matches found
CVE-2020-10912
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Type confusion
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-10912
CVE-2020-10912 affects Foxit PhantomPDF (and Foxit Reader/PhantomPDF family) and is tied to the SetFieldValue command in Foxit’s communication API. The root cause is a lack of validation of user-supplied data, leading to a type confusion condition and enabling arbitrary code execution in the cont...