HomePentest-Tools.com Logo

Foxit PhantomPDF Multiple Vulnerabilities-June 2019 (Windows)-01 CVE-2019-6752CVE-2019-6756CVE-2019-6762CVE-2019-6765

Severity
CVSSv3 Score
7.8
Vulnerability description

Foxit PhantomPDF is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to: - An issue in conversion of HTML files to PDF resulting from lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. - An issue in the parsing of HTML files which results from lack of validating the existence of an object prior to performing operations on the object. - An issue in the parsing of PDF documents resulting from lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. Successful exploitation will allow remote attackers to disclose sensitive information and execute arbitrary code.

Recommendation

Upgrade to Foxit PhantomPDF 8.3.10 or 9.5 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 3, 2019
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available