CVE-2016-4064
published 2016-04-22CVE-2016-4064: Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | foxit_reader | <= 7.3.0.118 | — |
| foxitsoftware | phantompdf | <= 7.3.0.118 | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/85379http://www.zerodayinitiative.com/advisories/ZDI-16-215https://www.foxitsoftware.com/support/security-bulletins.phphttp://www.securityfocus.com/bid/85379http://www.zerodayinitiative.com/advisories/ZDI-16-215https://www.foxitsoftware.com/support/security-bulletins.php
2016-04-22
Published