Integer Overflow in Foxit Reader and PhantomPDF Affecting 3D Content Handling
CVE-2019-6983

6.5MEDIUM

Key Information:

Vendor
Foxit
Status
Vendor
CVE Published:
3 October 2022

Summary

An integer overflow vulnerability in the Foxit 3D Plugin Beta affects Foxit Reader and PhantomPDF versions prior to 9.4.0.16807. This vulnerability occurs when the applications process specially crafted PDF files that contain 3D content. A successful exploitation of this issue could lead to application crashes and potential disruption of service, allowing attackers to manipulate the handling of memory, resulting in unpredictable behavior.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.