LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Fwd: [CIVN-2020-0443] Multiple Vulnerabilities in Foxit Reader and Foxit Phantom PDF

3 years ago 268
BOOK THIS SPACE FOR AD
ARTICLE AD

Severity Rating: MEDIUM

Software Affected

Foxit Reader 10.1.0.37527 and earlier

Foxit PhantomPDF 10.1.0.37527 and earlier

Overview

Multiple vulnerabilities has been reported in Foxit Reader and Foxit

Phantom PDF for windows where a null pointer access/dereference while

opening a crafted PDF file lead to application crash and DoS.

Description

The application could be exposed to Denial of Service vulnerability and

crash when opening certain PDF files that contained illegal value in the

/Size entry of the Trail dictionary. This occurs due to the array overflow

as the illegal value in the /Size entry causes an error in initializing the

array size for storing the compression object streams, and an object number

which is larger than the initialization value is used as the array index

while parsing the cross-reference streams. 

Successful exploitation of this vulnerability could allow the attacker to

cause denial-of-service in Foxit Reader and Foxit Phantom PDF.

Solution

Apply appropriate fix as mentioned in Foxit Advisory 

Vendor Information

Foxit

References

Foxit

CVE Name

CVE-2020-28203


Read Entire Article
  3. Fwd: [CIVN-2020-0443] Multiple Vulnerabilities in Foxit Reader and Foxit Phantom PDF

Related

Fwd: [CIVN-2020-0294] Microsoft Office Elevation of Privilege Vulnerability

Fwd: [CIVN-2020-0294] Microsoft Office Elevation of Privilege Vulnerability

Fwd: Virus Alert : CLOP Ransomware

Fwd: Virus Alert : CLOP Ransomware

Fwd: [CIVN-2020-0295] Remote code execution vulnerability in IBM WebSphere Application Server

Fwd: [CIVN-2020-0295] Remote code execution vulnerability in IBM WebSphere Application Server

Fwd: Virus Alert : Conti Ransomware

Fwd: Virus Alert : Conti Ransomware

Fwd: [CIVN-2020-0293] LNK Remote Code Execution Vulnerability

Fwd: [CIVN-2020-0293] LNK Remote Code Execution Vulnerability

Fwd: [CIAD-2020-0049] Multiple Vulnerabilities in Apple iOS and iPadOS

Fwd: [CIAD-2020-0049] Multiple Vulnerabilities in Apple iOS and iPadOS

Trending

1. Harvey Weinstein
2. Adrian Newey
3. Rafael Nadal
4. Gukesh Chess
5. World Malaria Day
6. TikTok banned
7. RCB बनाम SRH
8. Rajat Patidar
9. RCB vs SRH
10. IBM HashiCorp acquisition

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved