1979 matches found
CVE-2016-4060
CVE-2016-4060 is a use-after-free vulnerability in Foxit Reader and Foxit PhantomPDF for Windows, tracked across multiple sources. The issue affects Foxit Reader and Foxit PhantomPDF versions prior to 7.3.4. The root cause is a memory mismanagement condition (use-after-free) exposed by parsing ce...
CVE-2016-4059
Summary: CVE-2016-4059 is a use-after-free vulnerability in Foxit Reader and Foxit PhantomPDF before 7.3.4 on Windows, exploitable via a crafted FlateDecode stream in a PDF to achieve arbitrary code execution. The issue is part of a family of related flaws affecting multiple components of Foxit’s...
CVE-2016-4063
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document...
CVE-2016-4059
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document...
CVE-2016-4065
The CVE-2016-4065 issue affects Foxit Reader and Foxit PhantomPDF on Windows, where the ConvertToPDF plugin can trigger an out-of-bounds read in image handling (JPEG/GIF/BMP) when the gflags app is enabled, causing a denial of service (application crash). Affected versions are Foxit Reader/Phanto...
CVE-2016-4064
Foxit Reader and Foxit PhantomPDF (Windows) ≤ 7.3.3 are affected by CVE-2016-4064 due to a use-after-free in the XFA forms handling when a crafted remerge call is processed. This leads to remote code execution with high impact (as described in connected sources). Remediation per the documents: up...
CVE-2016-4061
Summary of CVE-2016-4061 : Foxit Reader and PhantomPDF (Windows) prior to version 7.3.4 are affected by a vulnerability that allows remote attackers to cause a denial of service (application crash) via a crafted content stream. The issue is described across multiple feeds as a memory/parse fault ...
CVE-2016-4060
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service application crash via unspecified vectors...
CVE-2016-4063
Foxit Foxit Reader/PhantomPDF prior to version 7.3.4 is affected by multiple use-after-free vulnerabilities in PDF handling (notably object revision number -1, and related FlateDecode/content stream handling). The CVE in scope (CVE-2016-4063) is described as a use-after-free enabling arbitrary co...
CVE-2016-4062
Foxit Reader and Foxit PhantomPDF prior to version 7.3.4 are affected by CVE-2016-4062 due to improper recursive handling of PDF format errors, allowing remote exploitation to cause a denial of service (application hang). Root cause: recursive format-error reporting. Impact is DoS; exploitation v...
KLA10797 Multiple vulnerabilities in Foxit Reader
Multiple vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. An unknown vulnerability in ConvertToPDF plugin can be exploited...
Foxit PhantomPDF < 7.3.4 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 7.3.4. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists that is triggered when handling FlateDecode streams. An...
Foxit Reader and Foxit PhantomPDF Denial of Service Vulnerability (CNVD-2016-01903)
Foxit Reader is a PDF document reader.Foxit PhantomPDF is a commercial version. A denial of service vulnerability can be triggered when using Foxit Reader or Foxit PhantomPDF to open a carefully constructed PDF file. An attacker can exploit this vulnerability to cause a denial of service...
Foxit Reader and Foxit PhantomPDF Remote Code Execution Vulnerability
Foxit Reader is a PDF document reader.Foxit PhantomPDF is a commercial version. When using Foxit Reader or Foxit PhantomPDF to open a carefully constructed PDF file, there is a security vulnerability that can be exploited by an attacker to remotely execute arbitrary code...
Foxit PhantomPDF ListBox Value Memory Error References Remote Code Execution Vulnerability
PhantomPDF is the universal PDF editor. Foxit PhantomPDF has a security vulnerability in the handling of the ListBox value attribute, which can cause the pointer that has been released in the hanging pointer to be reused, and an attacker can execute arbitrary code in the context of the current...
Foxit PhantomPDF Signature Field Memory Error References Remote Code Execution Vulnerability
PhantomPDF is the universal PDF editor. PhantomPDF has a security vulnerability in the handling of the Signature field, which could allow the reuse of a pointer that has already been released in the hanging pointer. An attacker can execute arbitrary code in the context of the current process...
Foxit PhantomPDF ListBox value Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit PhantomPDF Signature field Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit PhantomPDF WillClose Memory Error References Remote Code Execution Vulnerability
Foxit Reader is a PDF document reader.Foxit PhantomPDF is a commercial version. A security vulnerability exists in the handling of the WillClose operation of Foxit Reader, which forces the hanging pointer to be released and then reused when performing a WillClose operation on a constructed PDF. A...
Foxit Reader and Foxit PhantomPDF integer overflow vulnerability (CNVD-2016-00916)
Foxit Reader is a PDF document reader.Foxit PhantomPDF is a commercial version. Foxit Reader and Foxit PhantomPDF have an integer overflow vulnerability that can be exploited by attackers to execute arbitrary code or cause a denial of service...