VYPR

Foxit PhantomPDF

by Foxitsoftware

CVEs (4)

  • CVE-2017-17557HigApr 24, 2018
    risk 0.57cvss 8.8epss 0.04

    In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can…

  • CVE-2017-14694HigSep 22, 2017
    risk 0.51cvss 7.8epss 0.07

    Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow…

  • CVE-2015-8580Dec 16, 2015
    risk 0.00cvss epss 0.04

    Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document.

  • CVE-2011-0332Feb 25, 2011
    risk 0.00cvss epss 0.06

    Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.