3 matches found
CVE-2020-8853
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-8853
Foxit PhantomPDF 9.7.0.29478 is vulnerable to a HTML2PDF conversion out-of-bounds write that can allow remote code execution. The flaw arises from insufficient validation of user-supplied data during HTML-to-PDF conversion, enabling a write past the end of an allocated structure. Exploitation req...
Foxit Reader < 9.7.1 Multiple Vulnerabilities
According to its version, the Foxit Reader application formally known as Phantom installed on the remote Windows host is prior to 9.7.1. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists related to handling watermarks, AcroForm objects, text fields, or...