PhantomPDF Mac
CVEs (226)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-4063 | Hig | 0.51 | 7.8 | 0.05 | Apr 22, 2016 | Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. | ||
| CVE-2016-4059 | Hig | 0.51 | 7.8 | 0.04 | Apr 22, 2016 | Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. | ||
| CVE-2021-38569 | Hig | 0.49 | 7.5 | 0.01 | Aug 11, 2021 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects. | ||
| CVE-2020-26540 | Hig | 0.49 | 7.5 | 0.01 | Oct 2, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur. | ||
| CVE-2019-20837 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures. | ||
| CVE-2019-20836 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. | ||
| CVE-2019-20834 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures. | ||
| CVE-2019-20833 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive. | ||
| CVE-2019-20831 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It has void data mishandling, causing a crash. | ||
| CVE-2019-20829 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | ||
| CVE-2019-20828 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | ||
| CVE-2019-20824 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | ||
| CVE-2019-20823 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | ||
| CVE-2018-21240 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | ||
| CVE-2018-21238 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. | ||
| CVE-2020-13815 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference. | ||
| CVE-2019-20821 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference. | ||
| CVE-2019-20820 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data. | ||
| CVE-2019-20819 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing. | ||
| CVE-2019-20818 | Hig | 0.49 | 7.5 | 0.02 | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level. |
- risk 0.51cvss 7.8epss 0.05
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.
- risk 0.51cvss 7.8epss 0.04
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It has void data mishandling, causing a crash.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level.
Page 8 of 12