Endpoint Vulnerability

Security updates available in Foxit Reader 9.7.1 and Foxit PhantomPDF 9.7.1

Description

Addressed potential issues where the application could be exposed to Use-After-Free Remote Code Execution vulnerability when handling watermarks, AcroForm objects, text field or JavaScript field objects in PDF files due to the use of objects after it had been freed without proper validation (ZDI-CAN-9358/ZDI-CAN-9640/ZDI-CAN-9400/CVE-2019-5126/CVE-2019-5131/CVE-2019-5130/CVE-2019-5145/ZDI-CAN-9862).

Affected Products

Foxit Reader