VYPR

PhantomPDF Mac

by Foxitsoftware

CVEs (226)

  • CVE-2016-8876HigOct 31, 2016
    risk 0.49cvss 7.5epss 0.02

    Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at…

  • CVE-2016-4061HigApr 22, 2016
    risk 0.49cvss 7.5epss 0.01

    Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.

  • CVE-2016-4060HigApr 22, 2016
    risk 0.49cvss 7.5epss 0.01

    Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2017-10994HigJul 7, 2017
    risk 0.48cvss 7.3epss 0.05

    Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document.

  • CVE-2020-12247HigSep 4, 2020
    risk 0.46cvss 7.1epss 0.04

    In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.

  • CVE-2019-5007HigJan 3, 2019
    risk 0.46cvss 7.1epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing.

  • CVE-2019-6734MedMar 21, 2019
    risk 0.43cvss 6.5epss 0.04

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2019-6733MedMar 21, 2019
    risk 0.43cvss 6.5epss 0.04

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2019-6732MedMar 21, 2019
    risk 0.43cvss 6.5epss 0.04

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-21243MedJun 4, 2020
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.

  • CVE-2016-8879MedOct 31, 2016
    risk 0.42cvss 6.5epss 0.01

    The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka…

  • CVE-2022-25641MedAug 29, 2022
    risk 0.36cvss 5.5epss 0.00

    Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack…

  • CVE-2021-40326MedAug 29, 2022
    risk 0.36cvss 5.5epss 0.00

    Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.

  • CVE-2022-25108MedMar 10, 2022
    risk 0.36cvss 5.5epss 0.01

    Foxit PDF Reader and Editor before 11.2.1 and PhantomPDF before 10.1.7 allow a NULL pointer dereference during PDF parsing because the pointer is used without proper validation.

  • CVE-2021-33795MedJul 9, 2021
    risk 0.36cvss 5.5epss 0.01

    Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.

  • CVE-2020-28203MedDec 15, 2020
    risk 0.36cvss 5.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).

  • CVE-2020-26536MedOct 2, 2020
    risk 0.36cvss 5.5epss 0.01

    An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document.

  • CVE-2019-6756MedJun 3, 2019
    risk 0.36cvss 5.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2019-6752MedJun 3, 2019
    risk 0.36cvss 5.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…

  • CVE-2019-6982MedJan 28, 2019
    risk 0.36cvss 5.5epss 0.03

    An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of the improper…

Page 10 of 12