Intrusion Prevention

Foxit.PhantomPDF.AcroForm.addWatermarkFromText.Use.After.Free

Description

This indicates an attack attempt to exploit a Use After Free Vulnerability in Foxit Software PhantomPDF.
This vulnerability is due to improper handling of AcroForm addWatermarkFromText objects. A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.

Affected Products

Foxit Software PhantomPDF 9.7.0.29455 and earlier

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.foxitsoftware.com/support/security-bulletins.php

CVE References

CVE-2020-8845