Foxit PDF Reader < 11.2.2 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 11.2.2. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash...

PT-2022-17428 · Foxit · Foxit Pdf Reader +2

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 11.2.2 PDF Editor versions prior to 11.2.2 PhantomPDF versions prior to 10.1.8 Description: The issue arises from the mishandling of cross-reference information during compressed-object parsing within signed...

CVE-2021-33793

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion...

CVE-2021-33793

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion...

Out-of-bounds

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion...

Foxit Reader和Foxit PhantomPDF 缓冲区错误漏洞

Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader versions prior to 10.1.4 and PhantomPDF versions prior to 10.1.4, which stems from the software's mishandling of cross-reference tables during the...

Vulnerability of the DAOpenFile or DAOpenFileReadOnly function implementation in the PDF handling library. The Quick PDF Library allows unauthorized access to protected information or causes service failures.

The vulnerability of the DAOpenFile or DAOpenFileReadOnly functions in the PDF handling library of the Quick PDF Library lies in the issue of the operation going beyond the buffer in memory when processing xref entries. Exploiting this vulnerability could allow an attacker to gain unauthorized...

The vulnerability of the implementation of functions LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile, or DAOpenFileReadOnly in the PDF handling library “Quick PDF Library” allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the implementations of the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile, or DAOpenFileReadOnly functions in the PDF handling library is related to the occurrence of operations outside the buffer in memory when processing xref entries. Exploitation of this...

[SECURITY] Fedora 33 Update: cflow-1.6-8.fc33

GNU cflow analyzes a collection of C source files and prints a graph, charting control flow within the program. GNU cflow is able to produce both direct and inverted flowgraphs for C sources. Optionally a cross-reference listing can be generated. Two output formats are implemented: POSIX and GNU...

[SECURITY] Fedora 34 Update: cflow-1.6-8.fc34

GNU cflow analyzes a collection of C source files and prints a graph, charting control flow within the program. GNU cflow is able to produce both direct and inverted flowgraphs for C sources. Optionally a cross-reference listing can be generated. Two output formats are implemented: POSIX and GNU...

CVE-2020-6115

An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the...

CVE-2020-6115

An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the...

CVE-2020-6113

An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for...

CVE-2020-6115

An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the...

Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability

Talos Vulnerability Report TALOS-2020-1068 Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability September 15, 2020 CVE Number CVE-2020-6115 SUMMARY An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro...

CVE-2020-13808

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

CVE-2020-13808

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

Design/Logic Flaw

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

CVE-2020-13808

CVE-2020-13808 affects Foxit Reader and PhantomPDF prior to 9.7.2. The issue enables resource consumption via crafted cross-reference stream data, described as a resource management vulnerability that can lead to denial of service. The public documents do not provide exploitation details or concr...

CVE-2020-13808

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...