HomePentest-Tools.com Logo

Foxit PhantomPDF Multiple Vulnerabilities-July 2019 (Windows)-02 CVE-2019-14208CVE-2019-14209CVE-2019-14210CVE-2019-14214

CVSSv3 Score
Vulnerability description

Foxit PhantomPDF is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to: - An issue in getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary which could expose the application to a NULL pointer dereference. - Data desynchrony when adding AcroForm could cause Heap Corruption. - Use of an invalid pointer copy, resulting from a destructed string object could cause Memory Corruption. - Deleting pages in a document that contains only one page by calling a t.hidden = true function could result in JavaScript Denial of Service. Successful exploitation allows remote attackers to overflow the buffer and cause denial of service conditions.


Upgrade to Foxit PhantomPDF 8.3.10 or later. Please see the references for more information.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Jul 21, 2019
Detection added at
Software Type
Not available
Not available
Not available