Security News > 2020 > October > Foxit Patches Code Execution Vulnerabilities in PDF Software

Foxit Patches Code Execution Vulnerabilities in PDF Software
2020-10-14 10:22

PDF software developer Foxit has released patches to address several high-risk vulnerabilities affecting both Windows and macOS applications.

Last week, the company released security updates for both Foxit PhantomPDF Mac and Foxit Reader Mac, to address a vulnerability that could result in code injection or information disclosure.

Foxit PhantomPDF Mac version 4.0.0.0430 and earlier and Foxit Reader Mac version 4.0.0.0430 and earlier are vulnerable.

Prior to updating the macOS applications, the company released patches for Foxit Reader and Foxit PhantomPDF for Windows, to address multiple vulnerabilities, including use-after-free, out-of-bounds write, and access violation issues that could lead to remote code execution or privilege escalation.

The bugs were identified in Foxit Reader and Foxit PhantomPDF 10.0.1.35811 and earlier, and were addressed with the release of version 10.1.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/hTCRnyWoPls/foxit-patches-code-execution-vulnerabilities-pdf-software

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Foxit 5 6 17 109 4 136