Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Reader
(Foxitsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 259 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-08-20 | CVE-2020-15638 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NodeProperties::InferReceiverMapsUnsafe method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage... | Phantompdf, Reader | N/A | ||
| 2020-08-20 | CVE-2020-15637 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SetLocalDescription method. By performing actions in JavaScript, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this in conjunction with other... | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2020-13815 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2020-13814 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2020-13810 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20827 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20826 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2018-21240 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2018-21239 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2018-21236 | An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference. | Reader | N/A |