Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Phantompdf
(Foxitsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 544 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-10-31 | CVE-2016-8875 | The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor." | Phantompdf, Reader | 5.3 | ||
| 2018-02-07 | CVE-2016-6169 | Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafted PDF file. | Foxit_reader, Phantompdf | 7.8 | ||
| 2018-02-07 | CVE-2016-6168 | Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file. | Foxit_reader, Phantompdf | 7.8 | ||
| 2016-04-22 | CVE-2016-4065 | The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image. | Foxit_reader, Phantompdf | 7.8 | ||
| 2016-04-22 | CVE-2016-4064 | Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call. | Foxit_reader, Phantompdf | 7.8 | ||
| 2016-04-22 | CVE-2016-4063 | Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. | Foxit_reader, Phantompdf | 7.8 | ||
| 2016-04-22 | CVE-2016-4062 | Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | Foxit_reader, Phantompdf | 5.5 | ||
| 2016-04-22 | CVE-2016-4061 | Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream. | Foxit_reader, Phantompdf | 7.5 | ||
| 2016-04-22 | CVE-2016-4060 | Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | Foxit_reader, Phantompdf | 7.5 | ||
| 2016-04-22 | CVE-2016-4059 | Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. | Foxit_reader, Phantompdf | 7.8 |