{"vulnerability": "CVE-2020-13547", "sightings": [{"uuid": "6ac0f0c7-4d2c-47bc-a3c9-c58a5781aff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-13547", "type": "seen", "source": "https://t.me/cibsecurity/21186", "content": "\u203c CVE-2020-13547 \u203c\n\nA type confusion vulnerability exists in the JavaScript engine of Foxit Software\u00e2\u20ac\u2122s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T22:53:20.000000Z"}, {"uuid": "82e6baf3-e1c9-4e58-9685-a960a8669159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-13547", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2282", "content": "#Threat_Research\n1. Prototype Pollution PoC\n(Affecting\u00a0ini\u00a0package, versions\u00a0<1.3.6)\nhttps://snyk.io/vuln/SNYK-JS-INI-1048974\n2. Foxit Reader JavaScript media openPlayer type confusion vulnerability (PoC for CVE-2020-13547)\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2020-1165", "creation_timestamp": "2020-12-31T18:32:41.000000Z"}]}