1979 matches found
CVE-2018-16294
An exploitable use-after-free in Foxit Reader before 9.3 and PhantomPDF before 9.3 within the JavaScript engine. A specially crafted PDF can trigger reuse of a previously freed object, enabling arbitrary code execution. User interaction is required (opening the malicious PDF); if the browser plug...
CVE-2018-16292
Summary of CVE-2018-16292 (Foxit Reader/PhantomPDF) : A use-after-free vulnerability in the JavaScript engine of Foxit Reader (before 9.3) and PhantomPDF (before 9.3) can be triggered by a specially crafted PDF to reuse a previously freed object, enabling arbitrary code execution. An attacker mus...
CVE-2018-16291
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...
CVE-2018-16294
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...
CVE-2018-16297
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can...
CVE-2018-16292
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...
CVE-2018-16293
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...
CVE-2018-16295
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...
Foxit Reader and PhantomPDF Information Disclosure Vulnerability (CNVD-2018-20679)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. Foxit Reader and PhantomPDF 9.3 before the version of the information leakage vulnerability, the vulnerability stems from the program fails to properly create the ArrayBuffer an...
Foxit PhantomPDF < 9.3 Multiple Vulnerabilities - Windows
Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...
Foxit PDF Reader Fixes High-Severity Remote Code Execution Flaws
Foxit Software has patched over 100 vulnerabilities in its popular Foxit PDF Reader. Many of the bugs tackled by the company include a wide array of high severity remote code execution vulnerabilities. Foxit on Friday released fixes for Foxit Reader 9.3 and Foxit PhantomPDF 9.3, which addressed a...
Foxit Reader and PhantomPDF Multiple Use After Free Vulnerabilities (CVE-2018-3940; CVE-2018-3941; CVE-2018-3942; CVE-2018-3943; CVE-2018-3944; CVE-2018-3945; CVE-2018-3946)
A remote code execution vulnerability exists in Foxit Reader and PhantomPDF. The vulnerability is due to a use-after-free error while handling a specially crafted PDF file. Successful exploitation could lead to arbitrary code execution. Additional CVEs: CVE-2018-3957, CVE-2018-3958, CVE-2018-3959...
Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20727)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...
Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20728)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...
Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20729)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...
Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20730)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...
Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20731)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...
CVE-2018-17781
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled...
Information disclosure
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled...
CVE-2018-17781
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled...