Foxit.Reader.and.PhantomPDF.Choice.Field.Use.After.Free
Description
This indicates an attack attempt to exploit a Use After Free Vulnerability in Foxit Software PhantomPDF.
This vulnerability is due to improper handling of Choice field objects. A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.
Affected Products
Foxit Software Foxit Reader 10.1.0.37527 and earlier
Foxit Software PhantomPDF 10.1.0.37527 and all previous 10.x versions
Foxit Software PhantomPDF 9.7.4.29600 and earlier
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.foxitsoftware.com/support/security-bulletins.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |