24 matches found
USN-8295-1 evince vulnerability
It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code...
USN-8295-1: Evince vulnerability
It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code...
EUVD-2018-13758
Malware in sbrugna...
EUVD-2018-13755
Malware in sbrugna...
CVE-2018-21237
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21242
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action...
Foxit PhantomPDF NTLM Credential Stealing Vulnerability
Foxit PhantomPDF is China Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit PhantomPDF versions prior to 8.3.7. The vulnerability can be exploited to obtain NTLM credentials through GoToE or GoToR operations...
Foxit PhantomPDF Information Disclosure Vulnerability (CNVD-2020-32466)
Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit PhantomPDF versions prior to 8.3.6. The vulnerability can be exploited by remote attackers to execute code via GoToE or GoToR operations...
Unspecified Vulnerability in Foxit Reader and PhantomPDF (CNVD-2020-32463)
Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader prior to version 9.2 and PhantomPDF prior to version 9.2. The vulnerability can be exploited to obtain NTLM credentials through GoToE or GoToR operations...
CVE-2018-21242
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action...
CVE-2018-21237
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21237
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...
Deserialization of untrusted data
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action...
Remote code execution
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action...
CVE-2018-21237
CVE-2018-21237 affects Foxit PhantomPDF prior to 8.3.7. The vulnerability enables NTLM credential theft via GoToE or GoToR actions in the affected PDF reader. The available connected records corroborate the issue and its attribution to Foxit PhantomPDF versions before 8.3.7, with multiple sources...
CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action...
CVE-2018-21239
CVE-2018-21239 affects Foxit Reader and PhantomPDF before 9.2. The issue enables NTLM credential theft via a GoToE or GoToR action in PDFs. Root cause is information leakage via GoTo actions, leading to partial confidentiality impact per CVSS (2.0: 5.0, 3.1: 5.3). Affected products are Foxit Read...