CVE-2019-6776: Foxit PhantomPDF addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability
First published: Fri Oct 04 2019(Updated: )
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8801.
Credit: zdi-disclosures@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foxit Software PhantomPDF for Windows | ||
| Foxit PhantomPDF | <=8.3.10.42705 | |
| Foxit PhantomPDF | >=9.0<=9.5.0.20723 | |
| Microsoft Windows | ||
| Foxit Reader for Windows | <=9.5.0.20723 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-6776?
CVE-2019-6776 has been assigned a high severity rating due to its potential to allow remote code execution.
How do I fix CVE-2019-6776?
To fix CVE-2019-6776, users should update Foxit PhantomPDF and Foxit Reader to the latest versions that address this vulnerability.
Who is affected by CVE-2019-6776?
CVE-2019-6776 affects users of Foxit PhantomPDF versions up to and including 9.5.0.20723 and Foxit Reader versions up to 9.5.0.20723.
What type of attack vector is associated with CVE-2019-6776?
The attack vector associated with CVE-2019-6776 requires user interaction, such as visiting a malicious web page or opening a malicious file.
What are the potential consequences of exploiting CVE-2019-6776?
Exploiting CVE-2019-6776 can lead to arbitrary code execution on the affected system, potentially compromising sensitive data.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/title
- agent/description
- agent/event
- agent/first-publish-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-631
- alias/ZDI-CAN-8801
- alias/CVE-2019-6776
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/foxit
- canonical/foxit software phantompdf for windows
- vendor/foxitsoftware
- canonical/foxit phantompdf
- version/foxit phantompdf/8.3.10.42705
- version/foxit phantompdf/9.0
- version/foxit phantompdf/9.5.0.20723
- vendor/microsoft
- canonical/microsoft windows
- canonical/foxit reader for windows
- version/foxit reader for windows/9.5.0.20723