PhantomPDF Mac
by Foxit
CVEs (37)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13317 | 0.00 | — | 0.01 | Oct 4, 2019 | This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2019-13316 | 0.00 | — | 0.01 | Oct 4, 2019 | This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2019-14215 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer. | |||
| CVE-2019-14214 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function. | |||
| CVE-2019-14213 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. | |||
| CVE-2019-14212 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object. | |||
| CVE-2019-14211 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript. | |||
| CVE-2019-14210 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object. | |||
| CVE-2019-14209 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. | |||
| CVE-2019-14208 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary. | |||
| CVE-2019-14207 | 0.00 | — | 0.00 | Jul 21, 2019 | An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error). | |||
| CVE-2019-6765 | 0.00 | — | 0.00 | Jun 3, 2019 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2019-6762 | 0.00 | — | 0.00 | Jun 3, 2019 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2019-6752 | 0.00 | — | 0.00 | Jun 3, 2019 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2019-6756 | 0.00 | — | 0.00 | Jun 3, 2019 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The… | |||
| CVE-2019-6733 | 0.00 | — | 0.01 | Mar 19, 2019 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… | |||
| CVE-2019-6732 | 0.00 | — | 0.01 | Mar 19, 2019 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw… |
- CVE-2019-13317Oct 4, 2019risk 0.00cvss —epss 0.01
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2019-13316Oct 4, 2019risk 0.00cvss —epss 0.01
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2019-14215Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer.
- CVE-2019-14214Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.
- CVE-2019-14213Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.
- CVE-2019-14212Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.
- CVE-2019-14211Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.
- CVE-2019-14210Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.
- CVE-2019-14209Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.
- CVE-2019-14208Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.
- CVE-2019-14207Jul 21, 2019risk 0.00cvss —epss 0.00
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).
- CVE-2019-6765Jun 3, 2019risk 0.00cvss —epss 0.00
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2019-6762Jun 3, 2019risk 0.00cvss —epss 0.00
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2019-6752Jun 3, 2019risk 0.00cvss —epss 0.00
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2019-6756Jun 3, 2019risk 0.00cvss —epss 0.00
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The…
- CVE-2019-6733Mar 19, 2019risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
- CVE-2019-6732Mar 19, 2019risk 0.00cvss —epss 0.01
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…
Page 2 of 2