152 matches found

CNNVD
added 2021/03/22 12:0 a.m. · 2 views

Foxit PhantomPDF Buffer Error Vulnerability

Foxit PhantomPDF is a PDF document reader from the Chinese company Foxit. Foxit PhantomPDF suffers from an out-of-bounds read vulnerability when processing U3D objects in PDF files. The vulnerability is caused by a lack of proper validation of user-supplied data, which could result in reading...

4.3 CVSS · 5.9 AI score · 0.11393 EPSS
Exploits 0 · References 4

Positive Technologies
added 2020/11/12 12:0 a.m. · 1 view

PT-2020-20846 · Apple · macOS Big Sur +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.2; iPadOS versions prior to 14.2; macOS Big Sur versions prior to 11.0.1. Description: An out-of-bounds write issue was addressed with improved input validation. Processing a maliciously crafted PDF may lead to arbitrary...

7.8 CVSS · 6.6 AI score · 0.00299 EPSS
Exploits 0 · References 6

Veracode
added 2020/09/21 6:34 a.m. · 27 views

Denial Of Service (DoS)

chromium-browser is vulnerable to denial of service (DoS). The vulnerability exists when a PDF document is processed through j2k.c, jp2.c, and t2.c...

5 CVSS · 2.6 AI score · 0.01436 EPSS
Exploits 0 · References 10 · Affected Software 3

Prion
added 2020/06/09 5:15 p.m. · 20 views

Design/Logic Flaw

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution...

9.3 CVSS · 7.9 AI score · 0.00484 EPSS
Exploits 0 · References 4 · Affected Software 5

CNVD
added 2020/03/10 12:0 a.m. · 2 views

Kingsoft PDF is vulnerable to DLL hijacking

Kingsoft PDF is a tool for reading and processing PDF files and an important component of WPS. Kingsoft PDF has a DLL hijacking vulnerability when processing PDF files. Attackers can use the vulnerability to load a malicious DLL and execute malicious code...

7.1 AI score
Exploits 0

NVD
added 2019/09/18 9:15 p.m. · 6 views

CVE-2019-5067

An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this...

9.8 CVSS · 9.8 AI score · 0.01236 EPSS
Exploits 1 · References 1

Talos Blog
added 2019/09/17 7:58 a.m. · 56 views

Vulnerability Spotlight: Multiple vulnerabilities in Aspose PDF API

Marcin Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple remote code execution vulnerabilities in the Aspose.PDF API. Aspose provides a series of APIs for manipulating or converting a large family of document formats. These vulnerabilities exist in API...

7.5 CVSS · 0.8 AI score · 0.01236 EPSS
Exploits 3

OSV
added 2019/03/29 3:51 p.m. · 6 views

MGASA-2019-0117 Updated poppler packages fix security vulnerabilities

The updated poppler packages fix security vulnerabilities: In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup by crafting a PDF file in which an xref data...

8.8 CVSS · 6.8 AI score · 0.03439 EPSS
Exploits 1 · References 3

CNVD
added 2019/03/25 12:0 a.m. · 2 views

Foxit Reader and PhantomPDF Out-of-Bounds Read Vulnerability

Foxit Reader for Windows is a Windows-based PDF document reader from the Chinese software company Foxit. PhantomPDF for Windows is its commercial version. An out-of-bounds read vulnerability exists in the processing of PDF files in Foxit Reader 9.3.0.10826 and earlier versions for...

6.5 CVSS · 6.3 AI score · 0.00894 EPSS
Exploits 0 · References 1

Prion
added 2019/03/21 4:1 p.m. · 13 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3 CVSS · 6.2 AI score · 0.00894 EPSS
Exploits 0 · References 2 · Affected Software 2

Positive Technologies
added 2019/03/13 12:0 a.m. · 2 views

PT-2019-18183 · F5 · BIG-IP

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 11.5.1 through 11.5.8; BIG-IP versions 11.6.1 through 11.6.3.2; BIG-IP versions 12.1.0 through 12.1.3.7; BIG-IP version 13.0.0. Description: The Application Acceleration Manager (AAM) wamd process in BIG-IP fails to drop group...

5.5 CVSS · 5.4 AI score · 0.00074 EPSS
Exploits 0 · References 4

Zero Day Initiative
added 2019/01/25 12:0 a.m. · 15 views

Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3 CVSS · 1.9 AI score · 0.00894 EPSS
Exploits 0 · References 1

Positive Technologies
added 2019/01/25 12:0 a.m. · 1 view

PT-2019-18288 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a...

6.5 CVSS · 6.2 AI score · 0.00894 EPSS
Exploits 0 · References 3

OSV
added 2019/01/24 4:29 a.m. · 1 view

CVE-2018-17699

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.5 CVSS · 5 AI score
Exploits 0 · References 2

NVD
added 2018/08/30 12:29 p.m. · 17 views

CVE-2018-14317

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS · 8.8 AI score · 0.0025 EPSS
Exploits 0 · References 2

OSV
added 2018/08/30 12:29 p.m. · 1 view

CVE-2018-14317

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8 CVSS · 6.2 AI score · 0.0025 EPSS
Exploits 0 · References 2

Prion
added 2018/08/30 12:29 p.m. · 12 views

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8 CVSS · 8.8 AI score · 0.0025 EPSS
Exploits 0 · References 2 · Affected Software 1

Veracode
added 2018/07/27 7:38 a.m. · 15 views

Integer Overflow

libpoppler.so is vulnerable to integer overflows. A malicious user can pass a PDF file with an embedded JPEG 2000 encoded image in it to cause an integer overflow that can crash the application or cause arbitrary code to be executed...

8.8 CVSS · 8.8 AI score · 0.00895 EPSS
Exploits 2 · References 4 · Affected Software 1

OSV
added 2018/02/13 7:29 p.m. · 1 view

DEBIAN-CVE-2017-18185

An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter...

5.5 CVSS · 5.8 AI score · 0.00156 EPSS
Exploits 0 · References 1

CNVD
added 2017/11/15 12:0 a.m. · 2 views

Adobe Acrobat/Reader Out-of-Bounds Read Vulnerability (CNVD-2017-36601)

Adobe Acrobat and Reader are PDF file processing programs published by Adobe of the United States. An out-of-bounds read vulnerability exists in the way Adobe Acrobat and Reader process PDF files; a remote attacker can exploit it by submitting a specially crafted file and inducing the user to...

9.3 CVSS · 7.3 AI score · 0.08675 EPSS
Exploits 0 · References 1