PT-2021-8840 · Foxit · Phantompdf+1
Published
2021-01-07
·
Updated
2021-01-08
·
CVE-2018-20315
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit Reader versions prior to 9.5
PhantomPDF versions prior to 8.3.10 and 9.x prior to 9.5
Description
The issue is caused by a race condition that can lead to a stack-based buffer overflow or an out-of-bounds read.
Recommendations
For Foxit Reader versions prior to 9.5, update to version 9.5 or later.
For PhantomPDF versions prior to 8.3.10, update to version 8.3.10 or later.
For PhantomPDF 9.x versions prior to 9.5, update to version 9.5 or later.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Reader
Phantompdf