Foxit PhantomPDF prior 9.6.0.25114 DWG File information disclosure
| CVSS Meta Temp Score | Current Exploit Price (β) |
|---|---|
| 4.1 | $0-$5k |
A vulnerability, which was classified as problematic, has been found in Foxit PhantomPDF. Affected by this issue is an unknown function of the component DWG File Handler. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE to declare the problem leads to CWE-200. Impacted is confidentiality.
The weakness was published 10/25/2019. This vulnerability is handled as CVE-2019-17143 since 10/04/2019. The attack may be launched remotely. There are neither technical details nor an exploit publicly available.
Upgrading to version 9.6.0.25114 eliminates this vulnerability.
Similar entries are available at 144202, 144201, 144199 and 144198.
Vendor
Name
VulDB Meta Base Score: 4.3
VulDB Meta Temp Score: 4.1
VulDB Base Score: β4.3
VulDB Temp Score: β4.1
VulDB Vector: π
VulDB Reliability: π
VulDB Base Score: π
VulDB Temp Score: π
VulDB Reliability: π
Class: Information disclosure (CWE-200)
Local: No
Remote: Yes
Availability: π
Status: Not defined
Price Prediction: π
Current Price Estimation: π
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: π
Adversaries: π
Geopolitics: π
Economy: π
Predictions: π
Remediation: πRecommended: Upgrade
Status: π
0-Day Time: π
Upgrade: PhantomPDF 9.6.0.25114
10/04/2019 CVE assigned
10/25/2019 Advisory disclosed
10/26/2019 VulDB entry created
10/26/2019 VulDB last updateVendor: foxitsoftware.com
CVE: CVE-2019-17143 (π)
See also: πCreated: 10/26/2019 12:10 PM
Complete: π
Download it now for free!
https://vuldb.com/?id.144200
Gloss