Uninitialized Object Information Disclosure in Foxit PhantomPDF and Reader

CVE-2018-17781 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled.

Learn more about our Web Application Penetration Testing UK.