An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13806
Reference (s):
- https://www.foxitsoftware.com/support/security-bulletins.php