CVE-2020-28203
MEDIUM
5,5
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high
MEDIUM
4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial
Description
AI Translation Available
An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0002
Percentile
0,1th
Updated
EPSS Score Trend (Last 91 Days)
476
NULL Pointer Dereference
StableCommon Consequences
Security Scopes Affected:
Availability
Integrity
Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart
Execute Unauthorized Code Or Commands
Read Memory
Modify Memory
Applicable Platforms
Languages:
C, C#, C++, Go, Java
Application
Foxit Reader by Foxitsoftware
Version Range Affected
To
10.1.0.37527
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Phantompdf by Foxitsoftware
Version Range Affected
To
10.1.0.37527
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.foxitsoftware.com/support/security-bulletins.php
https://www.foxitsoftware.com/support/security-bulletins.php