CVE-2019-6985
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation.
Se ha detectado un problema en Foxit 3D Plugin Beta, en versiones anteriores a la 9.4.0.16807, para Foxit Reader y PhantomPDF. La aplicación podría encontrar una lectura fuera de límites durante la indexación o un desbordamiento de memoria dinámica (heap) y un cierre inesperado durante la gestión de determinados archivos PDF que embeben contenido 3D especialmente manipulado, debido a una violación de acceso al array.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-28 CVE Reserved
- 2019-01-28 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.foxitsoftware.com/support/security-bulletins.php | 2019-01-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Foxitsoftware Search vendor "Foxitsoftware" | 3d Search vendor "Foxitsoftware" for product "3d" | < 9.4.0.16807 Search vendor "Foxitsoftware" for product "3d" and version " < 9.4.0.16807" | foxit_reader |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Foxitsoftware Search vendor "Foxitsoftware" | 3d Search vendor "Foxitsoftware" for product "3d" | < 9.4.0.16807 Search vendor "Foxitsoftware" for product "3d" and version " < 9.4.0.16807" | phantompdf |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|