CVE-2017-5556

The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG image. The vulnerability could lead to information disclosure; ...

CVE-2017-5556

The CVE-2017-5556 issue affects Foxit Reader (ConvertToPDF plugin) and Foxit PhantomPDF on Windows, where the ConvertToPDF plugin is vulnerable before version 8.2 when the gflags app is enabled. A crafted JPEG image can trigger an out-of-bounds read, causing a denial of service (application crash...

KLA10948 Denial of service and code execution vulnerability in Foxit Reader and Foxit PhantomPDF

Out-of bounds read vulnerability was found in the ConvertToPDF plugin in Foxit Reader and PhantomPDF. By exploiting this vulnerability malicious users can cause a denial of service, possibly obtain sensitive information or execute arbitrary code in the context of the current process. This...

Multiple Vulnerabilities in Foxit Reader and PhantomPDF

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. Foxit Reader and PhantomPDF have multiple remote code execution and information disclosure vulnerabilities. These vulnerabilities can be exploited by an attacker to execute...

Foxit PhantomPDF ConvertToPDF TIFF Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF's...

Foxit PhantomPDF ConvertToPDF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit Reader and PhantomPDF Information Disclosure Vulnerability

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. Foxit Reader and PhantomPDF have an information disclosure vulnerability. This vulnerability can be exploited by attackers to disclose sensitive information...

Foxit Reader and PhantomPDF Remote Code Execution Vulnerability

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A remote code execution vulnerability exists in Foxit Reader and PhantomPDF prior to version 8.1.0.1013. An attacker can exploit the vulnerability to execute arbitrary code in t...

Foxit PhantomPDF Multiple Vulnerabilities (Nov 2016)

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...

Foxit Reader and PhantomPDF Denial of Service Vulnerability (CNVD-2016-10510)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. Based on the Windows platform on the Foxit Reader and PhantomPDF 8.1 before the version of the thumbnail shell extension plug-in FoxitThumbnailHndlrx86.dll has a security...

Foxit Reader and PhantomPDF Buffer Overflow Vulnerability (CNVD-2016-10511)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A heap-based buffer overflow vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. A remote attacker can exploit this vulnerabili...

Foxit Reader and PhantomPDF Read-Over-Boundary Vulnerability (CNVD-2016-10512)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An out-of-bounds read vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application is enabled, a remote...

Foxit Reader and PhantomPDF Read-Over-Boundary Vulnerability (CNVD-2016-10513)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An out-of-bounds read vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application is enabled, a remote...

Foxit Reader and PhantomPDF Denial of Service Vulnerability (CNVD-2016-10514)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A denial of service vulnerability exists in the ConvertToPDF plug-in in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application...

CVE-2016-8879

The thumbnail shell extension plugin FoxitThumbnailHndlrx86.dll in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service out-of-bounds write and application crash via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap...

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

CVE-2016-8877

Heap buffer overflow Out-of-Bounds write vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue...

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...