CVE-2018-17609
published 2018-09-28CVE-2018-17609: Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | phantompdf | < 9.3 | 9.3 |
| foxitsoftware | reader | < 9.3 | 9.3 |