Shodan
Vulnerabilities
Vulnerable Software
Foxitsoftware:  >> Phantompdf  >> 7.3.0.118  Security Vulnerabilities
CVE-2016-8875
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor."
CVSS Score
5.3
EPSS Score
0.001
Published
2016-10-31
CVE-2016-4065
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-04-22
CVE-2016-4064
Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call.
CVSS Score
7.8
EPSS Score
0.013
Published
2016-04-22
CVE-2016-4063
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.
CVSS Score
7.8
EPSS Score
0.015
Published
2016-04-22
CVE-2016-4062
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.
CVSS Score
5.5
EPSS Score
0.0
Published
2016-04-22
CVE-2016-4061
Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.
CVSS Score
7.5
EPSS Score
0.002
Published
2016-04-22
CVE-2016-4060
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.001
Published
2016-04-22
CVE-2016-4059
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
CVSS Score
7.8
EPSS Score
0.013
Published
2016-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved