CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2016/10/31 10:59 a.m.•22 views

CVE-2016-8875

5.3CVSS5.2AI score0.01093EPSS

Prion•added 2016/10/31 10:59 a.m.•16 views

Cross site scripting

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

6.8CVSS8AI score0.0259EPSS

Prion•added 2016/10/31 10:59 a.m.•18 views

Out-of-bounds

4.3CVSS7AI score0.01093EPSS

Prion•added 2016/10/31 10:59 a.m.•25 views

Heap overflow

The thumbnail shell extension plugin FoxitThumbnailHndlrx86.dll in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service out-of-bounds write and application crash via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap...

4.3CVSS7.1AI score0.01277EPSS

Prion•added 2016/10/31 10:59 a.m.•16 views

Heap overflow

Heap buffer overflow Out-of-Bounds write vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue...

6.8CVSS8.6AI score0.02942EPSS

Prion•added 2016/10/31 10:59 a.m.•15 views

Cross site scripting

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

6.8CVSS8AI score0.02187EPSS

Cvelist•added 2016/10/31 10:0 a.m.•28 views

CVE-2016-8875

6.5AI score0.01093EPSS

CVE•added 2016/10/31 10:0 a.m.•53 views

CVE-2016-8876

CVE-2016-8876 describes an out-of-bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, exploitable by a crafted TIFF image embedded in the XFA data stream of a PDF when the gflags tool is enabled. Successful exploitation can lead to remote arbitrary code execution with ...

7.5CVSS8.3AI score0.02187EPSS

CVE•added 2016/10/31 10:0 a.m.•55 views

CVE-2016-8879

CVE-2016-8879 affects Foxit Reader and Foxit PhantomPDF prior to 8.1 on Windows. The issue lies in the thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) where a crafted JPEG2000 image embedded in a PDF can trigger an out-of-bounds write, causing an application crash and a denial-of-s...

6.5CVSS7AI score0.01277EPSS

CVE•added 2016/10/31 10:0 a.m.•76 views

CVE-2016-8875

The CVE-2016-8875 entry concerns Foxit Reader and Foxit PhantomPDF (Windows) with the ConvertToPDF plugin. When the gflags utility is enabled, a specially crafted TIFF image can trigger an out-of-bounds read, causing a DoS (crash) in CreateFXPDFConvertor. This is associated with the ConvertToPDF_...

5.3CVSS6.4AI score0.01093EPSS

CVE•added 2016/10/31 10:0 a.m.•57 views

CVE-2016-8877

CVE-2016-8877 describes a heap-based buffer overflow in Foxit Reader and PhantomPDF before 8.1 on Windows. A crafted JPEG2000 image embedded in a PDF enables remote code execution (arbitrary code) with potential impact to confidentiality, integrity, and availability. Affected products: Foxit Read...

8.8CVSS9AI score0.02942EPSS

CVE•added 2016/10/31 10:0 a.m.•67 views

CVE-2016-8878

Foxit Reader and Foxit PhantomPDF (Windows) prior to 8.1 are affected by an out-of-bounds read in the XFA data stream when the gflags utility is enabled, allowing remote code execution via a crafted BMP in a PDF. Impact listed as arbitrary code execution with high severity (CVSS v3: HIGH, 8.8). A...

8.8CVSS8.7AI score0.0259EPSS

Cvelist•added 2016/10/31 10:0 a.m.•25 views

CVE-2016-8878

8.8AI score0.0259EPSS

Cvelist•added 2016/10/31 10:0 a.m.•26 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

8.3AI score0.02187EPSS

Cvelist•added 2016/10/31 10:0 a.m.•31 views

CVE-2016-8879

7.1AI score0.01277EPSS

CNVD•added 2016/10/20 12:0 a.m.•2 views

Multiple Vulnerabilities in Foxit Reader and PhantomPDF

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. Multiple versions of Foxit Reader and PhantomPDF have heap overflow, denial of service, integer overflow, and remote code execution vulnerabilities that can be exploited by an...

8.7AI score

CNVD•added 2016/08/31 12:0 a.m.•2 views

Foxit Reader and PhantomPDF DLL Load Remote Command Execution Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. A remote command execution vulnerability exists in the loading of the Foxit Reader and PhantomPDF DLLs, which could be exploited by an attacker ...

7.7AI score

CNVD•added 2016/08/31 12:0 a.m.•1 views

Foxit Reader and Foxit PhantomPDF Out-of-Bounds Reading Information Disclosure Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. Foxit Reader and Foxit PhantomPDF have an out-of-bounds read information disclosure vulnerability that could be exploited by attackers to obtain...

6.2AI score

CNVD•added 2016/08/31 12:0 a.m.•1 views

Foxit Reader and PhantomPDF Remote Command Execution Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. A remote command execution vulnerability exists in Foxit Reader and PhantomPDF that could be exploited to allow an attacker to execute arbitrary...

7.8AI score