1979 matches found
CVE-2019-17141
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17143
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-17141
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17142
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17139
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17141
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17142
Foxit PhantomPDF 9.6.0.25114 is affected by CVE-2019-17142. The vulnerability is a remote code execution flaw caused by processing of a script within a Keystroke action of a listbox field, arising from not validating the existence of an object before operating on it. Exploitation requires user in...
CVE-2019-17145
CVE-2019-17145 affects Foxit PhantomPDF 9.6.0.25114, with a vulnerability in the DXF-to-PDF conversion. The flaw is caused by insufficient validation of the length of user-supplied data before copying to a fixed-length stack-based buffer, enabling remote code execution in the context of the curre...
CVE-2019-17139
Foxit PhantomPDF 9.5.0.20723 is affected by CVE-2019-17139 due to an out-of-bounds write in the HTML2PDF plugin while processing JavaScript. The flaw arises from insufficient validation of user-supplied data, enabling remote code execution in the context of the current process. Exploitation requi...
CVE-2019-17144
CVE-2019-17144 affects Foxit PhantomPDF 9.6.0.25114. The flaw is in DWG-to-PDF conversion due to improper validation, causing an out-of-bounds write that can let an attacker execute code in the target process. Exploitation requires user interaction (visiting a malicious page or opening a maliciou...
CVE-2019-17141
Foxit PhantomPDF 9.6.0.25114 is affected by CVE-2019-17141. The vulnerability exists in the text field Calculate action where code execution is possible due to a missing validation of object existence before operations, allowing remote attackers to run code in the current process. The issue requi...
CVE-2019-17145
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17140
CVE-2019-17140 affects Foxit PhantomPDF 9.6.0.25114. The issue is a design/logic flaw in the OnFocus handling where code fails to validate the existence of an object before performing operations, enabling a remote attacker to execute arbitrary code in the context of the current process after the ...
CVE-2019-17139
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17143
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-17140
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-17143
CVE-2019-17143 affects Foxit PhantomPDF 9.6.0.25114. The root cause is a flaw in DWG file parsing where the code does not verify an object’s existence before operations, enabling information disclosure. Some sources note this could be combined with other vulnerabilities to achieve code execution ...