1979 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17136
Foxit PhantomPDF 9.5.0.20723 is affected by a DXF-to-PDF parsing vulnerability. The flaw causes a read past the end of an allocated structure during DXF file conversion, allowing remote code execution in the attacker's context. Exploitation requires user interaction (visiting a malicious page or ...
CVE-2019-17136
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13334
CVE-2019-13334 affects Foxit PhantomPDF 9.5.0.20723. The vulnerability is in the DXF-to-PDF conversion code and stems from improper validation of user-supplied data, causing a write past the end of an allocated structure and enabling memory corruption. This can lead to remote code execution in th...
CVE-2019-13333
CVE-2019-13333 affects Foxit PhantomPDF 9.5.0.20723. The vulnerability lies in the DXF-to-PDF conversion where insufficient validation can cause a write past the end of an allocated structure, enabling remote code execution when a user visits a crafted page/file. Exploitation context in the docum...
CVE-2019-13334
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17135
Foxit PhantomPDF 9.5.0.20723 is affected by CVE-2019-17135. The issue lies in DXF file parsing where insufficient validation leads to a memory corruption condition. This remote code execution vulnerability requires user interaction (target must open a malicious page or file) and can allow code ex...
Foxit PhantomPDF < 9.7.1 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 9.7.1. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists related to handling watermarks, AcroForm objects, text fields, or...
Foxit Reader PhantomPDF Use After Free Code Execution (CVE-2019-6730)
A use after free vulnerability exists in Foxit Reader. This vulnerability is due to improper handling of freed objects in the JavaScript popUpMenu method. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application...
Foxit PhantomPDF < 9.7 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 9.7. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's...
Foxit PhantomPDF < 9.5 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 9.5. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's...
Foxit PhantomPDF 8.x < 8.3.12 / 9.x < 9.7 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.x 8.3.12 / 9.x 9.7. It is, therefore affected by multiple vulnerabilities: - An out-of-bounds error exists in the V8 JavaScript engine. An unauthenticated, remot...
CVE-2019-17144
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17145
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17144
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17145
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17142
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17140
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17143
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-17141
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...