Null pointer dereference

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSGSignatureF and CPDFDocument destruction...

Null pointer dereference

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript...

Code injection

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function...

Null pointer dereference

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object...

Design/Logic Flaw

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object caused by an append error...

CVE-2019-14215

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer...

CVE-2019-14215

The vulnerability CVE-2019-14215 affects Foxit PhantomPDF before 8.3.11, where calling xfa.event.rest in XFA JavaScript can crash the application due to accessing a wild pointer. Affected component: PhantomPDF’s XFA/JavaScript handling. Impact stated as crash (partial availability impact per CVSS...

CVE-2019-14214

Foxit PhantomPDF

CVE-2019-14214

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function...

CVE-2019-14213

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSGSignatureF and CPDFDocument destruction...

CVE-2019-14213

CVE-2019-14213 affects Foxit PhantomPDF before 8.3.11. The issue is a crash caused by repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. Impact is a crash/DoS vector as described in multiple sources. Remediation: upgrade to version 8.3.11 or later wh...

CVE-2019-14212

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object...

CVE-2019-14212

CVE-2019-14212 affects Foxit PhantomPDF before 8.3.11. The issue is a NULL pointer dereference when executing certain XFA JavaScript, arising from inadequate validation of an object, which can cause the application to crash. Impact in the associated records is limited to crashes; exploitation det...

CVE-2019-14211

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript...

CVE-2019-14211

CVE-2019-14211 affects Foxit PhantomPDF before 8.3.11. The issue is a crash caused by lack of proper validation for the existence of an object before performing operations on it during JavaScript execution. The impact stated is application crash (availability) with exploitation tied to JavaScript...

CVE-2019-14210

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object...