Vulnerabilities > CVE-2019-20824 - NULL Pointer Dereference vulnerability in Foxitsoftware Phantompdf

CVSS 5.0 - MEDIUM

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

foxitsoftware

CWE-476

NVD

Published: 2020-06-04

Updated: 2020-06-04

Summary

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.

Vulnerable Configurations

Part	Description	Count
Application	Foxitsoftware Foxitsoftware Phantompdf 1.0.2 Foxitsoftware Phantompdf 2.0 Foxitsoftware Phantompdf 2.1 Foxitsoftware Phantompdf 2.1.1 Foxitsoftware Phantompdf 2.2 Foxitsoftware Phantompdf 2.2.1 Foxitsoftware Phantompdf 2.2.3 Foxitsoftware Phantompdf 3.0.1 Foxitsoftware Phantompdf 3.3 Foxitsoftware Phantompdf 3.4 Foxitsoftware Phantompdf 5.0.2 Foxitsoftware Phantompdf 5.0.2.0721 Foxitsoftware Phantompdf 5.0.3 Foxitsoftware Phantompdf 5.0.3.0811 Foxitsoftware Phantompdf 5.1 Foxitsoftware Phantompdf 5.1.1.1214 Foxitsoftware Phantompdf 5.1.2 Foxitsoftware Phantompdf 5.1.2.0305 Foxitsoftware Phantompdf 5.2 Foxitsoftware Phantompdf 5.2.0.0502 Foxitsoftware Phantompdf 5.2.1 Foxitsoftware Phantompdf 5.2.1.0615 Foxitsoftware Phantompdf 5.4 Foxitsoftware Phantompdf 5.4.0.0902 Foxitsoftware Phantompdf 5.4.2 Foxitsoftware Phantompdf 5.4.2.0918 Foxitsoftware Phantompdf 5.4.3 Foxitsoftware Phantompdf 5.4.3.1106 Foxitsoftware Phantompdf 6.0 Foxitsoftware Phantompdf 6.0.2.0413 Foxitsoftware Phantompdf 6.0.5 Foxitsoftware Phantompdf 6.0.5.0618 Foxitsoftware Phantompdf 6.0.7 Foxitsoftware Phantompdf 6.0.7.0806 Foxitsoftware Phantompdf 6.1 Foxitsoftware Phantompdf 6.1.1.1025 Foxitsoftware Phantompdf 6.1.2 Foxitsoftware Phantompdf 6.1.2.1227 Foxitsoftware Phantompdf 6.2 Foxitsoftware Phantompdf 6.2.0.0429 Foxitsoftware Phantompdf 6.2.1 Foxitsoftware Phantompdf 6.2.1.0168 Foxitsoftware Phantompdf 7.0 Foxitsoftware Phantompdf 7.0.3.916 Foxitsoftware Phantompdf 7.0.6 Foxitsoftware Phantompdf 7.0.6.1126 Foxitsoftware Phantompdf 7.1 Foxitsoftware Phantompdf 7.1.0.306 Foxitsoftware Phantompdf 7.1.3.320 Foxitsoftware Phantompdf 7.1.5 Foxitsoftware Phantompdf 7.1.5.425 Foxitsoftware Phantompdf 7.2 Foxitsoftware Phantompdf 7.2.0.0722 Foxitsoftware Phantompdf 7.2.0.722 Foxitsoftware Phantompdf 7.2.2 Foxitsoftware Phantompdf 7.2.2.0929 Foxitsoftware Phantompdf 7.3 Foxitsoftware Phantompdf 7.3.0.0118 Foxitsoftware Phantompdf 7.3.0.118 Foxitsoftware Phantompdf 7.3.4 Foxitsoftware Phantompdf 7.3.4.0311 Foxitsoftware Phantompdf 7.3.9 Foxitsoftware Phantompdf 7.3.9.0816 Foxitsoftware Phantompdf 7.3.11 Foxitsoftware Phantompdf 7.3.11.1122 Foxitsoftware Phantompdf 7.3.13 Foxitsoftware Phantompdf 7.3.13.421 Foxitsoftware Phantompdf 7.3.15 Foxitsoftware Phantompdf 7.3.15.712 Foxitsoftware Phantompdf 7.3.17 Foxitsoftware Phantompdf 7.3.17.906 Foxitsoftware Phantompdf 8.0 Foxitsoftware Phantompdf 8.0.0.624 Foxitsoftware Phantompdf 8.0.2 Foxitsoftware Phantompdf 8.0.2.805 Foxitsoftware Phantompdf 8.1 Foxitsoftware Phantompdf 8.1.0.1013 Foxitsoftware Phantompdf 8.1.1 Foxitsoftware Phantompdf 8.1.1.1115 Foxitsoftware Phantompdf 8.2 Foxitsoftware Phantompdf 8.2.0.2192 Foxitsoftware Phantompdf 8.2.1 Foxitsoftware Phantompdf 8.2.1.6871 Foxitsoftware Phantompdf 8.3 Foxitsoftware Phantompdf 8.3.0.14878 Foxitsoftware Phantompdf 8.3.1 Foxitsoftware Phantompdf 8.3.1.21155 Foxitsoftware Phantompdf 8.3.2 Foxitsoftware Phantompdf 8.3.2.25013 Foxitsoftware Phantompdf 8.3.5 Foxitsoftware Phantompdf 8.3.5.30351 Foxitsoftware Phantompdf 8.3.6 Foxitsoftware Phantompdf 8.3.6.35572 Foxitsoftware Phantompdf 8.3.7 Foxitsoftware Phantompdf 8.3.7.38093 Foxitsoftware Phantompdf 8.3.8.39677 Foxitsoftware Phantompdf 8.3.9.41099 Foxitsoftware Phantompdf 8.3.10 Foxitsoftware Phantompdf 8.3.10.42705	99

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://www.foxitsoftware.com/support/security-bulletins.php