vulnerability

Foxit Reader: CVE-2019-5005: Out-of-bounds Write

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Jan 3, 2019

Added

Jan 24, 2020

Modified

May 4, 2026

Description

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.

Solution

foxit_reader-update-latest

References

CVE-2019-5005
https://attackerkb.com/topics/CVE-2019-5005
https://www.foxitsoftware.com/support/security-bulletins.php
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-14612
CWE-787
EUVD-EUVD-2019-14612

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report