Out-of-Bounds Write Vulnerability in Foxit 3D Plugin for Foxit Reader and PhantomPDF
CVE-2019-6982

5.5MEDIUM

Key Information:

Vendor: Foxit
Status: 3d
Vendor: CVE Published:; 3 October 2022

Summary

A vulnerability in the Foxit 3D Plugin for Foxit Reader and PhantomPDF allows an Out-of-Bounds Write to occur when the plugin improperly processes certain PDF files with specifically crafted 3D content. This flaw may lead to application crashes as it fails to adequately handle logic exceptions during execution, specifically within the IFXASSERT function.

References

https://www.foxitsoftware.com/support/security-bulletins.php

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 3, 2022
Vulnerability Reserved
Oct 3, 2022