Integer Overflow in Foxit Reader and PhantomPDF Affecting 3D Content Handling
CVE-2019-6983

6.5MEDIUM

Key Information:

Vendor: Foxit
Status: 3d
Vendor: CVE Published:; 3 October 2022

Summary

An integer overflow vulnerability in the Foxit 3D Plugin Beta affects Foxit Reader and PhantomPDF versions prior to 9.4.0.16807. This vulnerability occurs when the applications process specially crafted PDF files that contain 3D content. A successful exploitation of this issue could lead to application crashes and potential disruption of service, allowing attackers to manipulate the handling of memory, resulting in unpredictable behavior.

References

https://www.foxitsoftware.com/support/security-bulletins.php

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 3, 2022
Vulnerability Reserved
Oct 3, 2022