Denial of Service Vulnerability in Foxit Reader and PhantomPDF by Foxit Software
CVE-2015-3633

Currently unrated

Key Information:

Vendor: Foxit
Status: Enterprise Reader; Foxit Reader; PhantomPDF
Vendor: CVE Published:; 1 May 2015

Summary

Earlier versions of Foxit Reader, Enterprise Reader, and PhantomPDF prior to 7.1.5 are susceptible to a denial of service vulnerability caused by improper handling of digital signatures. This can lead to memory corruption, resulting in application crashes when exploited by remote attackers. It is essential for users to update their software to the latest version to mitigate this risk.

References

http://www.securitytracker.com/id/1032228

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/74418

vdb-entryx_refsource_BID

http://www.foxitsoftware.com/support/security_bulletins.p...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 1, 2015
Vulnerability Reserved
May 1, 2015