The vulnerabilities of the PDF editing program Foxit PhantomPDF and the PDF viewing program Foxit Reader allow a perpetrator to execute arbitrary code.

🗓️ 08 Feb 2016 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Multiple use after free flaws in Foxit PhantomPDF and Foxit Reader enable code execution via PDFs.

Reporter	Title	Published	Views	Family All 13
Tenable Nessus	Foxit Reader < 7.2.2 Multiple Vulnerabilities	5 Aug 201600:00	–	nessus
CNVD	Foxit Reader/PhantomPDF Memory Misreference Vulnerability	18 Dec 201500:00	–	cnvd
CVE	CVE-2015-8580	16 Dec 201521:00	–	cve
Cvelist	CVE-2015-8580	16 Dec 201521:00	–	cvelist
EUVD	EUVD-2015-8458	7 Oct 202500:30	–	euvd
Kaspersky	KLA10724 Code execution vulnerability in Foxit products	16 Dec 201500:00	–	kaspersky
NVD	CVE-2015-8580	16 Dec 201521:59	–	nvd
OpenVAS	Foxit Reader Arbitrary Code Execution Vulnerability	31 Dec 201500:00	–	openvas
OpenVAS	Foxit PhantomPDF Arbitrary Code Execution Vulnerability	31 Dec 201500:00	–	openvas
Prion	Design/Logic Flaw	16 Dec 201521:59	–	prion

Vulners

Node

foxit_software pdf_editorRange≤7.2.2.929

OR

foxit_software pdf_readerRange≤7.2.8.1124

Source	Link
foxitsoftware	www.foxitsoftware.com/support/security-bulletins.php
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-15-623
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-15-622
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 26.8

EPSS0.00676

Foxit Phantom Foxit Reader memory flaws remote code execution