Uncontrolled Recursion Vulnerability in Foxit Reader Software
CVE-2019-13124

7.5HIGH

Key Information:

Vendor: Foxit
Status: Foxit Reader
Vendor: CVE Published:; 30 September 2019

What is CVE-2019-13124?

Foxit Reader versions up to 9.6.0.25114 are affected by a vulnerability that exploits recursive function calls within the V8 JavaScript engine, potentially exhausting available stack memory. This issue arises from inadequate handling of recursive function calls, which can lead to denial of service conditions. Users are advised to update to the latest version to mitigate this security risk.

References

https://www.foxitsoftware.com/support/security-bulletins.php

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 30, 2019
Vulnerability Reserved
Jul 1, 2019

JSON