CVE-2019-6985

CWE-125Out-of-bounds Read5 documents5 sources
Severity
8.8HIGH
EPSS
0.1%
top 67.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Foxitsoftware 3D
Timeline
PublishedJan 28
Latest updateMay 14

Description

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDfoxitsoftware/3d< 9.4.0.16807

🔴Vulnerability Details

2
GHSA
GHSA-hq2h-g68x-694m: An issue was discovered in Foxit 3D Plugin Beta before 92022-05-14
CVEList
CVE-2019-6985: An issue was discovered in Foxit 3D Plugin Beta before 92019-01-28

💥Exploits & PoCs

2
Exploit-DB
SmarterMail Build 6985 - Remote Code Execution2020-12-09
Metasploit
SmarterTools SmarterMail less than build 6985 - .NET Deserialization Remote Code Execution
CVE-2019-6985 (HIGH CVSS 8.8) | An issue was discovered in Foxit 3D | cvebase.io