Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Foxit Reader 和 Foxit PhantomPDF数据伪造问题漏洞
Vulnerability Description
Foxit Reader和Foxit PhantomPDF都是中国福昕(Foxit)公司的一款PDF文档阅读器。 Foxit Reader 9.3.0.10826及之前版本和PhantomPDF 9.3.0.10826及之前版本基于Windows平台存在数据伪造问题漏洞。攻击者可借助PDF文件利用该漏洞绕过签名验证并提供不正确的检测结果。
CVSS Information
N/A
Vulnerability Type
N/A