Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-6776

Foxit PhantomPDF 9.5.0.20723 and earlier are affected by a removeField/AcroForms watermark handling flaw. The vulnerability stems from not validating the existence of an object before performing operations, enabling remote code execution when a user opens a malicious page or file. Multiple connec...

CVE-2019-13317

The CVE-2019-13317 entry concerns Foxit PhantomPDF. Affects PhantomPDF 9.5.0.20723 and earlier, with the root cause in the Calculate actions handling: the code performs operations on an object without first validating its existence. This leads to remote code execution in the context of the curren...

CVE-2019-13317

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-13316

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-13316

Foxit PhantomPDF 9.5.0.20723 is affected by CVE-2019-13316. The flaw lies in the handling of Calculate actions where the code fails to validate the existence of an object before performing operations, enabling remote code execution in the context of the current process. Exploitation requires user...

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DX...

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

Foxit Reader and PhantomPDF XFA xdpContent Information Disclosure (CVE-2018-3956)

An information disclosure exists in Foxit Reader and PhantomPDF. This vulnerability is due to improper handling of the xdpContent property of a submit object...

Foxit Reader and PhantomPDF XFA xdpContent Information Disclosure (CVE-2018-3956)

An information disclosure exists in Foxit Reader and PhantomPDF. This vulnerability is due to improper handling of the xdpContent property of a submit object...

Foxit PhantomPDF < 8.3.11 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.11. It is, therefore affected by multiple vulnerabilities: - An uninitialized pointer flaw exists when calling xfa.event.rest XFA JavaScript that can cause the...

Foxit PhantomPDF < 8.3.10 Multiple Vulnerabilities (Jul 2019) - Windows

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...

Foxit PhantomPDF < 8.3.11 Multiple Vulnerabilities (Jul 2019) - Windows

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...

Foxit PhantomPDF Code Issue Vulnerability

Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit PhantomPDF versions prior to 8.3.10. An attacker could exploit this vulnerability to corrupt memory...

Foxit PhantomPDF Denial of Service Vulnerability (CNVD-2019-24196)

PhantomPDF is a multifunctional PDF editor. A denial of service vulnerability exists in Foxit PhantomPDF versions prior to 8.3.11 when calling the clone function. The vulnerability stems from an infinite loop caused by an obfuscation of the relationship between the factor object and the parent...

Foxit PhantomPDF Denial of Service Vulnerability (CNVD-2019-24199)

PhantomPDF is a multifunctional PDF editor. A denial of service vulnerability exists in Foxit PhantomPDF versions prior to 8.3.11. The vulnerability stems from the application crashing due to accessing a wild pointer when calling the xfa.event.rest XFA JavaScript. An attacker could exploit this...

Foxit PhantomPDF Denial of Service Vulnerability (CNVD-2019-24200)

PhantomPDF is a multifunctional PDF editor. A denial of service vulnerability exists in Foxit PhantomPDF versions prior to 8.3.10 when deleting pages from a document containing only one page by calling the "t.hidden = true" function. An attacker can exploit this vulnerability to cause a denial of...