CVE-2019-14211
Description
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Foxit PhantomPDF before 8.3.11 crashes due to missing validation of object existence during JavaScript execution.
Vulnerability
Foxit PhantomPDF versions prior to 8.3.11 fail to properly validate the existence of an object before performing operations on it when executing JavaScript [1]. This flaw can cause the application to crash when processing specially crafted PDF files.
Exploitation
An attacker can exploit this vulnerability by creating a malicious PDF file containing JavaScript code that references a non-existent object. The victim must open the crafted PDF in an affected version of Foxit PhantomPDF, triggering the crash without any additional user interaction beyond opening the file.
Impact
Successful exploitation leads to a denial of service as the application crashes. No further impact (such as code execution or data disclosure) has been reported for this issue.
Mitigation
The vulnerability is fixed in Foxit PhantomPDF version 8.3.11 and later. Users should update to the latest version available from Foxit's security bulletins [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Foxit/PhantomPDFdescription
- Range: <8.3.11
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/109358mitrevdb-entryx_refsource_BID
- www.foxitsoftware.com/support/security-bulletins.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.