HomePentest-Tools.com Logo

Foxit PhantomPDF Multiple Code Execution Vulnerabilities - May18 (Windows) CVE-2018-5674CVE-2018-5677CVE-2018-5676CVE-2018-5675CVE-2018-5678CVE-2018-5680CVE-2018-5679CVE-2018-7407CVE-2018-7406

Severity
CVSSv3 Score
8.8
Vulnerability description

Foxit PhantomPDF is prone to multiple code execution vulnerabilities.

Risk description

Multiple flaws exist due to: - Lack of proper validation of user-supplied data. - Foxit PhantomPDF unable to sanitize itself from crafted data in the PDF file. Successful exploitation will allow an attacker to execute arbitrary code.

Recommendation

Upgrade to Foxit PhantomPDF version 9.1 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
May 24, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available