PT-2018-14192 · Foxit · Foxit Reader+1
Published
2018-09-29
·
Updated
2018-11-19
·
CVE-2018-17781
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Foxit PhantomPDF and Reader versions prior to 9.3
Description
The issue is related to the mishandling of ArrayBuffer and DataView objects creation, leading to Uninitialized Object Information Disclosure. This allows remote attackers to trigger the issue.
Recommendations
For Foxit PhantomPDF and Reader versions prior to 9.3, update to version 9.3 or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Phantompdf
Foxit Reader