PT-2019-17398 · Foxit · Foxit Reader+1

Published

2019-01-03

Updated

2019-01-15

CVE-2019-5007

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Foxit Reader and PhantomPDF versions prior to 9.4

Description The issue is an Out-of-Bounds Read Information Disclosure that can cause a crash due to a NULL pointer dereference. This occurs when the software reads TIFF data during TIFF parsing.

Recommendations For versions prior to 9.4, update to version 9.4 or later to resolve the issue.

Fix

Out of bounds Read

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-476

Related Identifiers

CVE-2019-5007

Affected Products

Foxit Reader

Phantompdf

PT-2019-17398 · Foxit · Foxit Reader+1

CVE-2019-5007

Weakness Enumeration

Related Identifiers

Affected Products

References · 3