PT-2019-18399 · Foxit · Foxit 3D Plugin+2

Published

2019-01-28

Updated

2019-01-29

CVE-2019-6985

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Foxit 3D Plugin Beta versions prior to 9.4.0.16807 for Foxit Reader and PhantomPDF

Description The issue arises from the application's handling of certain PDF files that embed specifically crafted 3D content, leading to an Out-of-Bounds Read in Indexing or a Heap Overflow, which can cause the application to crash due to an array access violation.

Recommendations For Foxit 3D Plugin Beta versions prior to 9.4.0.16807, update to version 9.4.0.16807 or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2019-6985

Affected Products

Foxit 3D Plugin

Foxit Reader

Phantompdf

PT-2019-18399 · Foxit · Foxit 3D Plugin+2

CVE-2019-6985

Weakness Enumeration

Related Identifiers

Affected Products

References · 3