Foxitsoftware: >> Phantompdf Security Vulnerabilities
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary.
CVSS Score
9.8
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data is created for each page of an application level.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested function calls for XML parsing.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04