In Foxit Reader and PhantomPDF prior to 10.0.1, and PhantomPDF prior to 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware phantompdf |
||
foxitsoftware reader |