Security Vulnerabilities - CVEs Published In June 2020
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-06-04
An issue was discovered in Foxit E-mail advertising system before September 2018. It allows authentication bypass and information disclosure, related to Interspire Email Marketer.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Studio Photo before 3.6.6.922. It allows local users to gain privileges via a crafted DLL in the current working directory.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-06-04