CVE-2019-6984

CWE-416Use After FreeCWE-8433 documents3 sources
Severity
6.5MEDIUM
EPSS
0.0%
top 86.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Foxitsoftware 3D
Timeline
PublishedJan 28
Latest updateMay 13

Description

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of certain PDF files that embed specifically crafted 3D content, due to the use of a wild pointer.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDfoxitsoftware/3d< 9.4.0.16807

🔴Vulnerability Details

2
GHSA
GHSA-4gcr-38pq-7pjw: An issue was discovered in Foxit 3D Plugin Beta before 92022-05-13
CVEList
CVE-2019-6984: An issue was discovered in Foxit 3D Plugin Beta before 92019-01-28
CVE-2019-6984 (MEDIUM CVSS 6.5) | An issue was discovered in Foxit 3D | cvebase.io