Home

CVE-2019-14211

Description

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.021

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Foxit PhantomPDF 8 (ML) 8.3.9.41099Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 8 8.3.9.41099Windows
Multiple vulnerabilities affected in Foxit PhantomPDF Slim 8.3.9.41099Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 9 (EXE) 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 9 (ML) (EXE) 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 9 (ML) (MSI) 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 9 (MSI) 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 8 (ML) 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF 8 8.3.10.42705Windows
Multiple Vulnerabilities are affected in Foxit PhantomPDF Slim 8.3.10.42705Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-311706Foxit PhantomPDF 8 ML (8.3.12.47136)
PATCH-311625Foxit PhantomPDF 8 (8.3.12.47136)
PATCH-306313Foxit PhantomPDF (MSI) (8.3.2) (Formerly Foxit PhantomPDF Slim)
PATCH-317726Foxit PhantomPDF 9 (EXE) (9.7.5.29616)
PATCH-317727Foxit PhantomPDF 9 (ML) (EXE) (9.7.5.29616)
PATCH-317728Foxit PhantomPDF 9 (ML) (MSI) (9.7.5.29616)
PATCH-317729Foxit PhantomPDF 9 (MSI) (9.7.5.29616)
PATCH-311706Foxit PhantomPDF 8 ML (8.3.12.47136)
PATCH-311625Foxit PhantomPDF 8 (8.3.12.47136)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234