CVE-2018-17610

Foxit PhantomPDF and Foxit Reader are affected by CVE-2018-17610, with the vulnerability exploitable in versions before 9.3. The issue arises from how properties of Annotation objects are mishandled, enabling remote attackers to execute arbitrary code or cause a denial of service (use-after-free)...

CVE-2018-17610

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17609

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17607

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

Foxit PhantomPDF fxhtml2pdf HTML Conversion Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within fxhtml2pdf. The...

CVE-2018-14295

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2018-14295

Summary: CVE-2018-14295 affects Foxit PhantomPDF (and Foxit Reader) with a PDF-parsing flaw. A vulnerability in how shading patterns are processed can cause an integer overflow before buffer allocation, enabling remote code execution when a user opens a malicious file/page or visits a crafted pag...

Foxit PhantomPDF integer overflow vulnerability (CNVD-2018-14069)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An integer overflow vulnerability exists in the handling of PDF documents in Foxit PhantomPDF 9.1.0.5096 and earlier versions for Windows platforms, which arises from a process...

Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-14451)

Foxit Reader is a Chinese Foxit Foxit software company of a PDF document reader.PhantomPDF is a commercial version. A memory misreference vulnerability exists in Foxit Reader versions prior to 9.2 and PhantomPDF versions prior to 9.2. A remote attacker could exploit this vulnerability to execute...

CVE-2018-14442

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs...

Design/Logic Flaw

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs...

CVE-2018-14442

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs...

CVE-2018-14442

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs...

CVE-2018-14442

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free vulnerability that leads to Remote Code Execution. The connected documents consistently identify a memory misreference/UAF as the root cause and confirm impact as RCE. No exploit details or in-the-wild status are provided. Re...

Foxit PhantomPDF 'JavaScript' Remote Code Execution Vulnerabilities - Windows

Foxit PhantomPDF is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Foxit PhantomPDF PDF Parsing Shading Pattern Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit PhantomPDF Multiple Code Execution Vulnerabilities (May 2018) - Windows

Foxit PhantomPDF is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Foxit Reader and PhantomPDF Type Obfuscation Vulnerability

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A type confusion vulnerability exists in Foxit Reader prior to version 9.1 and PhantomPDF prior to version 9.1, which results from the program failing to properly validate...

Foxit Reader and PhantomPDF Remote Code Execution Vulnerability (CNVD-2018-11901)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in the parsing of u3d images in PDF files in Foxit Reader prior to 9.1 and PhantomPDF prior to 9.1, which stems from the program failing to...

Foxit Reader and PhantomPDF Remote Code Execution Vulnerability (CNVD-2018-11903)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A remote code execution vulnerability exists in Foxit Reader versions prior to 9.1 and PhantomPDF versions prior to 9.1, which results from the program failing to properly...