CVE-2020-26539

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:*

Information

Published : 2020-10-02 01:15

Updated : 2020-10-04 20:03


NVD link : CVE-2020-26539

Mitre link : CVE-2020-26539


JSON object : View

CWE
CWE-416

Use After Free

Advertisement

dedicated server usa

Products Affected

foxitsoftware

  • foxit_reader
  • phantompdf