VYPR

PhantomPDF Mac

by Foxitsoftware

CVEs (226)

  • CVE-2019-20817HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference.

  • CVE-2019-20816HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference during the parsing of file data.

  • CVE-2019-20815HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested function calls for XML parsing.

  • CVE-2019-20814HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data is created for each page of an application level.

  • CVE-2019-20813HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.

  • CVE-2020-13810HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures.

  • CVE-2020-13809HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream.

  • CVE-2020-13808HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data.

  • CVE-2020-13807HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop.

  • CVE-2020-13806HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation.

  • CVE-2020-13803HigJun 4, 2020
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for Mac before 4.0. It allows signature validation bypass via a modified file or a file with non-standard signatures.

  • CVE-2019-14215HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer.

  • CVE-2019-14214HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function.

  • CVE-2019-14213HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.

  • CVE-2019-14212HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object.

  • CVE-2019-14211HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript.

  • CVE-2019-14210HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.

  • CVE-2019-14208HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.

  • CVE-2019-14207HigJul 21, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).

  • CVE-2018-17781HigSep 29, 2018
    risk 0.49cvss 7.5epss 0.02

    Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled.

Page 9 of 12