Intrusion PreventionFoxit.Reader.JavaScript.popUpMenu.Use.After.Free
Description
This indicates an attack attempt to exploit a Memory Corruption Vulnerability in Foxit Software PhantomPDF
A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.
Affected Products
Foxit Software Foxit Reader 9.3.0.10826 and earlier
Foxit Software PhantomPDF 8.3.8.39677 and earlier
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
https://www.foxitsoftware.com/support/security-bulletins.php
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-11-13 | 14.723 | Sig Added |
| 2019-05-08 | 14.609 | Sig Added |
| 2019-04-16 | 14.595 | Default_action:pass:drop |
| 2019-04-05 | 14.587 |
| ID | 47689 |
| Created | Apr 08, 2019 |
| Updated | Nov 12, 2019 |
| Risk |
|
| CVE ID | CVE-2019-6730 |
| Exploit Prediction Score | 4.38% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Other |