Home

CVE-2019-20814

Description

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data is created for each page of an application level.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.024

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Foxit PhantomPDF 8 (ML) 8.3.9.41099Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 8 8.3.9.41099Windows
Multiple vulnerabilities affected in Foxit PhantomPDF Slim 8.3.9.41099Windows
Vulnerability CVE-2019-20813,CVE-2019-20814,CVE-2019-20815 are affected in Foxit PhantomPDF 9 (EXE) 8.3.11Windows
Vulnerability CVE-2019-20813,CVE-2019-20814,CVE-2019-20815 are affected in Foxit PhantomPDF 9 (ML) (EXE) 8.3.11Windows
Vulnerability CVE-2019-20813,CVE-2019-20814,CVE-2019-20815 are affected in Foxit PhantomPDF 9 (ML) (MSI) 8.3.11Windows
Vulnerability CVE-2019-20813,CVE-2019-20814,CVE-2019-20815 are affected in Foxit PhantomPDF 9 (MSI) 8.3.11Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-311706Foxit PhantomPDF 8 ML (8.3.12.47136)
PATCH-311625Foxit PhantomPDF 8 (8.3.12.47136)
PATCH-306313Foxit PhantomPDF (MSI) (8.3.2) (Formerly Foxit PhantomPDF Slim)
PATCH-317726Foxit PhantomPDF 9 (EXE) (9.7.5.29616)
PATCH-317727Foxit PhantomPDF 9 (ML) (EXE) (9.7.5.29616)
PATCH-317728Foxit PhantomPDF 9 (ML) (MSI) (9.7.5.29616)
PATCH-317729Foxit PhantomPDF 9 (MSI) (9.7.5.29616)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234