1. Home
  2. CVE Database
  3. CVE-2019-20827
CRITICAL · 9.8

CVE-2019-20827

An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.

Vulnerability Description

An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
FoxitsoftwarePhantompdf< 3.3
FoxitsoftwareReader< 3.3

Related Weaknesses (CWE)

CWE-787

References

FAQ

What is CVE-2019-20827?

CVE-2019-20827 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.

How severe is CVE-2019-20827?

CVE-2019-20827 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-20827?

Check the references section above for vendor advisories and patch information. Affected products include: Foxitsoftware Phantompdf, Foxitsoftware Reader.