CVE-2015-3633

CWE-119Buffer Overflow3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.1%
top 70.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Foxitsoftware Enterprise ReaderFoxitsoftware Foxit ReaderFoxitsoftware Phantompdf
Timeline
PublishedMay 1
Latest updateMay 17

Description

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

NVDfoxitsoftware/phantompdf7.1.3.320+1

Patches

Patch: www.foxitsoftware.comPatch: www.foxitsoftware.com

🔴Vulnerability Details

2
GHSA
GHSA-mjpg-hh65-wgff: Foxit Reader, Enterprise Reader, and PhantomPDF before 72022-05-17
CVEList
CVE-2015-3633: Foxit Reader, Enterprise Reader, and PhantomPDF before 72015-05-01
CVE-2015-3633 (MEDIUM CVSS 5) | Foxit Reader | cvebase.io