PT-2019-13139 · Foxit+1 · Foxit Reader+1

Published

2019-09-29

Updated

2019-10-03

CVE-2019-13124

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Foxit Reader versions 9.6.0.25114 and earlier

Description The issue involves two unique RecursiveCall bugs in the V8 JavaScript engine, where 3 functions cause Uncontrolled Recursion, leading to exhaustion of available stack memory.

Recommendations For Foxit Reader versions 9.6.0.25114 and earlier, consider disabling the V8 JavaScript engine as a temporary workaround until a patch is available. Restrict the use of functions that may trigger the Uncontrolled Recursion to minimize the risk of exploitation.

Fix

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

CVE-2019-13124

Affected Products

Foxit Reader

V8 Javascript Engine

PT-2019-13139 · Foxit+1 · Foxit Reader+1

CVE-2019-13124

Weakness Enumeration

Related Identifiers

Affected Products

References · 3