PT-2019-18399 · Foxit · Foxit 3D Plugin+2

Publicado

2019-01-28

Atualizado

2019-01-29

CVE-2019-6985

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Foxit 3D Plugin Beta versions prior to 9.4.0.16807 for Foxit Reader and PhantomPDF

Description The issue arises from the application's handling of certain PDF files that embed specifically crafted 3D content, leading to an Out-of-Bounds Read in Indexing or a Heap Overflow, which can cause the application to crash due to an array access violation.

Recommendations For Foxit 3D Plugin Beta versions prior to 9.4.0.16807, update to version 9.4.0.16807 or later to resolve the issue.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2019-6985

Produtos afetados

Foxit 3D Plugin

Foxit Reader

Phantompdf

PT-2019-18399 · Foxit · Foxit 3D Plugin+2

CVE-2019-6985

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3