Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/30 12:0 a.m.38 views

Foxit PhantomPDF < 8.3.8 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.7. It is, therefore, affected by multiple arbitrary code execution and information disclosure vulnerabilities. C Tenable Network Security, Inc...

8.8CVSS8.1AI score0.09482EPSS
Exploits15References32
Tenable Nessus
Tenable Nessus
added 2018/10/12 12:0 a.m.31 views

Foxit Reader < 9.3 Multiple Vulnerabilities

The version of Foxit Reader installed on the remote Windows host is prior to 9.3. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid118093; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...

8.8CVSS7.2AI score0.09482EPSS
Exploits15References32
OSV
OSV
added 2018/10/08 4:29 p.m.2 views

CVE-2018-3940

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...

8.8CVSS5.8AI score0.02114EPSS
Exploits1References3
CVE
CVE
added 2018/10/08 4:0 p.m.81 views

CVE-2018-3940

CVE-2018-3940 concerns Foxit PDF Reader’s JavaScript engine. The issue is a use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 that can be triggered by a specially crafted PDF, allowing memory reuse of a previously freed object. An attacker must entice the user to open the malicious file...

8.8CVSS7.9AI score0.02114EPSS
Exploits1References3Affected Software2
Check Point Advisories
Check Point Advisories
added 2018/10/02 12:0 a.m.4 views

Foxit Reader and PhantomPDF Multiple Use After Free Vulnerabilities (CVE-2018-3940; CVE-2018-3941; CVE-2018-3942; CVE-2018-3943; CVE-2018-3944; CVE-2018-3945; CVE-2018-3946)

A remote code execution vulnerability exists in Foxit Reader and PhantomPDF. The vulnerability is due to a use-after-free error while handling a specially crafted PDF file. Successful exploitation could lead to arbitrary code execution. Additional CVEs: CVE-2018-3957, CVE-2018-3958, CVE-2018-3959...

6.8CVSS8.6AI score0.09482EPSS
Exploits15
Rows per page
Query Builder