Platform
windows
Component
foxit-phantompdf
Fixed in
9.3.10827
CVE-2019-6752 is an information disclosure vulnerability affecting Foxit PhantomPDF version 9.3.10826. The flaw stems from insufficient validation of user-supplied data during PDF document parsing, which can let an attacker read beyond allocated memory regions. Successful exploitation requires user interaction, such as visiting a malicious webpage or opening a crafted PDF file. The vulnerability is resolved in version 9.3.10827.
An attacker can exploit CVE-2019-6752 to disclose sensitive information stored within a PDF document or potentially gain control of the system. The vulnerability's impact is amplified by the possibility of chaining it with other vulnerabilities to achieve remote code execution. While the CVSS score is LOW, the potential for information leakage and subsequent exploitation warrants immediate attention. The ability to read beyond allocated memory regions is a critical security concern, as it can expose internal data structures and program logic.
CVE-2019-6752 was publicly disclosed on June 3, 2019. There is no indication of active exploitation campaigns targeting this vulnerability. No public proof-of-concept exploits are readily available. The vulnerability is not currently listed on the CISA KEV catalog. The LOW CVSS score suggests a relatively low probability of exploitation, but the potential for information disclosure remains a concern.
Users who rely on Foxit PhantomPDF for viewing and processing PDF documents, particularly those who frequently handle documents from untrusted sources, are at risk. Organizations with legacy systems running older, unpatched versions of PhantomPDF are also vulnerable. Shared hosting environments where multiple users access the same PhantomPDF installation should be prioritized for patching.
• windows / supply-chain: list running PhantomPDF processes with their command lines (Win32_Process exposes CommandLine, which Get-Process does not on Windows PowerShell 5.1):
    # Process name as given in this advisory; returns nothing if PhantomPDF is not running.
    Get-CimInstance -ClassName Win32_Process -Filter "Name = 'PhantomPDF.exe'" -ErrorAction SilentlyContinue |
        Select-Object ProcessId, CommandLine
• windows / supply-chain: look for application crash events (Event ID 1000 in the Application log) whose faulting application is PhantomPDF; repeated crashes while opening PDFs can indicate malformed or crafted documents:
    # -FilterHashtable selects the log and event ID; the message text names the faulting application.
    Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 1000 } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'PhantomPDF' } |
        Select-Object TimeCreated, ProviderName, Message
• windows / supply-chain: check Autoruns for unusual entries related to Foxit PhantomPDF (using the Sysinternals Autoruns utility).
Type
information disclosure
Exploit Status
EPSS
0.13% (32nd percentile)
CVSS-vector
The primary mitigation for CVE-2019-6752 is to upgrade Foxit PhantomPDF to version 9.3.10827 or later. If upgrading is not immediately feasible, restrict user access to untrusted PDF files and websites, and implement network-level controls to block access to known malicious domains. A WAF rule is unlikely to apply to a desktop PDF reader, but monitoring for unusual file access patterns or PDF processing activity can provide early warning. After upgrading, confirm the fix by attempting to open a known malicious PDF file in a controlled environment and verifying that no sensitive information is disclosed.
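The following PowerShell script is an added example, not part of this advisory or of Foxit's own tooling. It checks whether the installed Foxit PhantomPDF build is at or above the fixed version 9.3.10827 named above, which is the practical "am I patched?" check for the upgrade mitigation. It assumes (not stated on this page) that PhantomPDF registers under the standard Windows Uninstall registry keys with a DisplayName containing "Foxit PhantomPDF" and a parseable DisplayVersion string; the function and variable names are the example's own.

```powershell
# Added example: compare the installed Foxit PhantomPDF version with the fixed build.
# Assumption: the product appears under the standard Uninstall keys with a
# DisplayName containing "Foxit PhantomPDF" and a DisplayVersion such as "9.3.10826".
$FixedVersion = [version]'9.3.10827'   # fixed build from the advisory

$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-FoxitPhantomPdfInstall {
    # Enumerate Add/Remove Programs entries and keep only PhantomPDF ones.
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Foxit PhantomPDF*' } |
        Select-Object DisplayName, DisplayVersion, InstallLocation
}

function Test-FoxitPhantomPdfPatched {
    param(
        [string]$InstalledVersion,
        [version]$Fixed = $FixedVersion
    )
    # A version string that does not parse is reported as Unknown, never as safe.
    $parsed = $null
    if (-not [version]::TryParse($InstalledVersion, [ref]$parsed)) {
        return 'Unknown'
    }
    if ($parsed -ge $Fixed) { return 'Patched' }
    return 'Vulnerable'
}

$installs = @(Get-FoxitPhantomPdfInstall)
if ($installs.Count -eq 0) {
    Write-Output 'Foxit PhantomPDF not found under the Uninstall registry keys.'
}
foreach ($app in $installs) {
    [pscustomobject]@{
        Product   = $app.DisplayName
        Installed = $app.DisplayVersion
        FixedIn   = $FixedVersion.ToString()
        Status    = Test-FoxitPhantomPdfPatched -InstalledVersion $app.DisplayVersion
    }
}
```

Run it in an elevated PowerShell session on each endpoint (or through your endpoint management tool) and treat both "Vulnerable" and "Unknown" as findings; a version string that cannot be parsed should be resolved by inspecting the installation, not assumed patched.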
Update Foxit PhantomPDF to a version later than 9.3.10826. See the Foxit security bulletin for details and specific upgrade instructions.
CVE-2019-6752 is a LOW severity information disclosure vulnerability in Foxit PhantomPDF 9.3.10826. It allows attackers to potentially read sensitive data due to improper data validation when parsing PDF files.
You are affected if you are using Foxit PhantomPDF version 9.3.10826 or earlier. Upgrade to version 9.3.10827 or later to mitigate the vulnerability.
Upgrade Foxit PhantomPDF to version 9.3.10827 or later. This resolves the data validation issue that leads to the information disclosure vulnerability.
There is no current evidence of active exploitation campaigns targeting CVE-2019-6752, but the potential for information disclosure remains a concern.
Refer to the Foxit Security Bulletin for details: [https://www.foxit.com/security/bulletins/pdf-phantompdf-sa-0020](https://www.foxit.com/security/bulletins/pdf-phantompdf-sa-0020)