Home

CVE-2019-5006

Description

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.08

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Foxit PhantomPDF 8 (ML) 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 9 (EXE) 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 9 (ML) (EXE) 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 9 (ML) (MSI) 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit PhantomPDF 9 (MSI) 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit PhantomPDF Slim 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit Reader 9.3.0.10826Windows
Multiple vulnerabilities affected in Foxit Reader Enterprise 9.3.0.10826Windows
Multiple Vulnerabilities are affected in Foxit Reader 9.3.0.10826Windows
Multiple Vulnerabilities are affected in Foxit Reader Enterprise 9.3.0.10826Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 8 (ML) 9.3Windows
Vulnerabilities CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 8 9.3Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 9 (EXE) 9.3Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 9 (ML) (EXE) 9.3Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 9 (ML) (MSI) 9.3Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF 9 (MSI) 9.3Windows
Vulnerabilities CVE-2018-18688,CVE-2019-5005,CVE-2019-5006,CVE-2019-5007 are affected in Foxit PhantomPDF Slim 9.3Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-311706Foxit PhantomPDF 8 ML (8.3.12.47136)
PATCH-317726Foxit PhantomPDF 9 (EXE) (9.7.5.29616)
PATCH-317727Foxit PhantomPDF 9 (ML) (EXE) (9.7.5.29616)
PATCH-317728Foxit PhantomPDF 9 (ML) (MSI) (9.7.5.29616)
PATCH-317729Foxit PhantomPDF 9 (MSI) (9.7.5.29616)
PATCH-306313Foxit PhantomPDF (MSI) (8.3.2) (Formerly Foxit PhantomPDF Slim)
PATCH-341796Foxit Reader (2024.3.0.26795)
PATCH-341798Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise)
PATCH-341796Foxit Reader (2024.3.0.26795)
PATCH-341798Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise)
PATCH-317726Foxit PhantomPDF 9 (EXE) (9.7.5.29616)
PATCH-317727Foxit PhantomPDF 9 (ML) (EXE) (9.7.5.29616)
PATCH-317728Foxit PhantomPDF 9 (ML) (MSI) (9.7.5.29616)
PATCH-317729Foxit PhantomPDF 9 (MSI) (9.7.5.29616)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234