Vulnerabilities > CVE-2020-26535 - Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
foxitsoftware
CWE-787
NVD
Published: 2020-10-02
Updated: 2020-10-05

Summary

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation).

Vulnerable Configurations

Part Description Count
Application
Foxitsoftware
251

Common Weakness Enumeration (CWE)

References