CVE-2018-14295

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds...

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Exploit

Exploit for multiple platform in category dos / poc Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds reads when rendering usin...

Pdfium - Pattern Shading Integer Overflows Exploit

Exploit for multiple platform in category dos / poc This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in...