6 matches found
CVE-2016-8875
The CVE-2016-8875 entry concerns Foxit Reader and Foxit PhantomPDF (Windows) with the ConvertToPDF plugin. When the gflags utility is enabled, a specially crafted TIFF image can trigger an out-of-bounds read, causing a DoS (crash) in CreateFXPDFConvertor. This is associated with the ConvertToPDF_...
CVE-2016-8878
Foxit Reader and Foxit PhantomPDF (Windows) prior to 8.1 are affected by an out-of-bounds read in the XFA data stream when the gflags utility is enabled, allowing remote code execution via a crafted BMP in a PDF. Impact listed as arbitrary code execution with high severity (CVSS v3: HIGH, 8.8). A...
CVE-2016-8877
CVE-2016-8877 describes a heap-based buffer overflow in Foxit Reader and PhantomPDF before 8.1 on Windows. A crafted JPEG2000 image embedded in a PDF enables remote code execution (arbitrary code) with potential impact to confidentiality, integrity, and availability. Affected products: Foxit Read...
CVE-2016-8879
CVE-2016-8879 affects Foxit Reader and Foxit PhantomPDF prior to 8.1 on Windows. The issue lies in the thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) where a crafted JPEG2000 image embedded in a PDF can trigger an out-of-bounds write, causing an application crash and a denial-of-s...
CVE-2016-8876
CVE-2016-8876 describes an out-of-bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, exploitable by a crafted TIFF image embedded in the XFA data stream of a PDF when the gflags tool is enabled. Successful exploitation can lead to remote arbitrary code execution with ...
CVE-2016-8856
Foxit Reader for Mac (2.1.0.0804 and earlier) and Foxit Reader for Linux (2.1.0.0805 and earlier) are affected by a vulnerability in which default global write permissions on core files after installation allow an attacker to overwrite them with backdoor code. This can lead to arbitrary code exec...