Phantompdf@* Security Vulnerabilities and Issues — Phantompdf@* CVE List

Lucene search

FoxitsoftwarePhantompdf*

12 matches found

CVE•added 2016/10/31 10:59 a.m.•60 views

CVE-2016-8875

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in...

5.3CVSS6.4AI score0.00088EPSS

CVE•added 2016/04/22 3:59 p.m.•50 views

CVE-2016-4065

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.

7.8CVSS7.2AI score0.00266EPSS

CVE•added 2016/04/22 3:59 p.m.•47 views

CVE-2016-4060

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

7.5CVSS7.2AI score0.00134EPSS

CVE•added 2016/04/22 3:59 p.m.•47 views

CVE-2016-4061

Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.

7.5CVSS7.1AI score0.00168EPSS

CVE•added 2016/10/31 10:59 a.m.•47 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return valu...

8.8CVSS8.7AI score0.00361EPSS

CVE•added 2016/04/22 3:59 p.m.•45 views

CVE-2016-4059

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.

7.8CVSS7.8AI score0.01302EPSS

CVE•added 2016/04/22 3:59 p.m.•45 views

CVE-2016-4062

Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.

5.5CVSS6AI score0.00038EPSS

CVE•added 2016/10/31 10:59 a.m.•45 views

CVE-2016-8877

Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.

8.8CVSS9AI score0.00534EPSS

CVE•added 2016/04/22 3:59 p.m.•44 views

CVE-2016-4063

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.

7.8CVSS7.8AI score0.01544EPSS

CVE•added 2016/10/31 10:59 a.m.•44 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."

7.5CVSS8.3AI score0.00361EPSS

CVE•added 2016/10/31 10:59 a.m.•43 views

CVE-2016-8879

The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Hea...

6.5CVSS7AI score0.00088EPSS

CVE•added 2016/04/22 3:59 p.m.•41 views

CVE-2016-4064

Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call.

7.8CVSS7.8AI score0.01264EPSS