An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
2020-06-04T17:15:11.217
2024-11-21T04:03:16.483
Modified
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | foxitsoftware | phantompdf | < 8.3.6 | Yes |