CVE-2019-5145— Foxit Reader JavaScript引擎资源管理错误漏洞

N/A

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

N/A

释放后使用

Foxit Reader JavaScript引擎资源管理错误漏洞

Foxit Reader是中国福昕（Foxit）公司的一款PDF文档阅读器。 Foxit Reader 9.7.0.29435版本中的JavaScript引擎存在资源管理错误漏洞。攻击者可通过诱使用户打开恶意的文件利用该漏洞执行任意代码。

N/A

N/A