Lucene search
K

1982 matches found

Check Point Advisories
Check Point Advisories
added 2017/09/24 12:0 a.m.32 views

Foxit Reader and PhantonPDF XFA gotoURL Command Injection (CVE-2017-10953; CVE-2019-8160)

A command injection vulnerability exists in the XFA component of Foxit Reader and PhantomPDF. This vulnerability is due to improper handling of user-supplied string for the gotoURL function call. A remote attacker could exploit this vulnerability by enticing a victim user to visit a malicious web...

6.8CVSS2.4AI score0.03195EPSS
Exploits0
Prion
Prion
added 2017/09/22 7:29 p.m.18 views

Code injection

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at...

4.6CVSS7.8AI score0.07052EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/09/22 7:29 p.m.23 views

CVE-2017-14694

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at...

7.8CVSS7.9AI score0.07052EPSS
Exploits0References4
CVE
CVE
added 2017/09/22 7:0 p.m.59 views

CVE-2017-14694

CVE-2017-14694 affects Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier when running in single instance mode. The vulnerability allows arbitrary code execution or denial of service via a crafted PDF, due to a fault in Data from Faulting Address that controls code ...

7.8CVSS7.8AI score0.07052EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/09/22 7:0 p.m.26 views

CVE-2017-14694

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at...

7.9AI score0.07052EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/08/31 12:0 a.m.57 views

Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...

8.8CVSS8.6AI score0.07152EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2017/08/22 12:33 p.m.29 views

Foxit to Fix PDF Reader Zero Days by Friday

In an about-face, Foxit Software says it will fix a pair of zero days in its PDF reader Foxit Reader and PhantomPDF, its PDF editing software. Foxit said it would push a patch for Reader and PhantomPDF, bringing the software to version 8.3.2, later this week—by Friday at the latest. The fixes com...

6.8CVSS2.2AI score0.07152EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2017/08/22 12:0 a.m.22 views

Foxit PhantomPDF < 7.3.15 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 7.3.15. It is, therefore, affected by multiple vulnerabilities : - An unspecified NULL pointer dereference flaw allows an unauthenticated, remote attacker to cause...

6.2AI score
Exploits0References1
Kaspersky
Kaspersky
added 2017/08/17 12:0 a.m.362 views

KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user-supplied data in the saveAs Java script function can b...

8.8CVSS9.5AI score0.07152EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2017/07/13 12:0 a.m.34 views

Foxit PhantomPDF < 8.3.1 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.1. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists in the AFParseDateEx function. An unauthenticated, remote attacker...

9.3CVSS7.5AI score0.04941EPSS
Exploits0References10
CNVD
CNVD
added 2017/07/11 12:0 a.m.2 views

Foxit Reader and PhantomPDF Arbitrary Write Remote Code Execution Vulnerability

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader versions prior to 8.3.1 and PhantomPDF versions prior to 8.3.1. A remote attacker can exploit the vulnerability to execute...

9.3CVSS7.9AI score0.04941EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.27 views

Foxit PhantomPDF Arbitrary Write RCE Vulnerability - Windows

Foxit PhantomPDF is prone to an arbitrary write vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS7.5AI score0.04941EPSS
Exploits0References2
Prion
Prion
added 2017/07/07 4:29 p.m.22 views

Code injection

Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...

9.3CVSS7.8AI score0.04941EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/07/07 4:29 p.m.19 views

CVE-2017-10994

Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...

9.3CVSS7.5AI score0.04941EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/07/07 4:0 p.m.23 views

CVE-2017-10994

Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...

7.7AI score0.04941EPSS
Exploits0References3
CVE
CVE
added 2017/07/07 4:0 p.m.65 views

CVE-2017-10994

Foxit CVE-2017-10994 affects Foxit Reader before 8.3.1 and Foxit PhantomPDF before 8.3.1. The vulnerability is described as an Arbitrary Write flaw that allows a remote attacker to execute arbitrary code via a crafted PDF document. Multiple connected advisories corroborate that the issue is a rem...

9.3CVSS7.6AI score0.04941EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/05/04 12:0 a.m.5 views

Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2017-06802)

Foxit Reader old name: Foxit PDF Reader, is a set of software used to read PDF format files, developed by Foxit Software Fujian Foxit Phantom is a professional PDF electronic document suite for businesses, running fast, easy to use and affordable. An arbitrary code execution vulnerability exists ...

7.8CVSS7.8AI score0.04079EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/04 12:0 a.m.4 views

Foxit Reader Information Disclosure Vulnerability

Foxit Reader old name: Foxit PDF Reader, is a set of software used to read PDF format files, developed by Foxit Software Fujian Foxit Phantom is a professional PDF electronic document suite for businesses, running fast, easy to use and affordable. An information disclosure vulnerability exists in...

8.8CVSS7.2AI score0.03939EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/04 12:0 a.m.2 views

Foxit Reader Remote Code Execution Vulnerability

Foxit Reader old name: Foxit PDF Reader, is a set of software used to read PDF format files, developed by Foxit Software Fujian Foxit Phantom is a professional PDF electronic document suite for businesses, running fast, easy to use and affordable. A remote code execution vulnerability exists in...

8.8CVSS8.2AI score0.03939EPSS
Exploits0References1
Prion
Prion
added 2017/05/03 5:59 a.m.17 views

Out-of-bounds

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document...

6.8CVSS8.9AI score0.03939EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder