Foxitsoftware: >> Phantompdf >> 3.4 Security Vulnerabilities
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used.
CVSS Score
9.8
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling.
CVSS Score
4.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.
CVSS Score
9.8
EPSS Score
0.036
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.
CVSS Score
9.8
EPSS Score
0.001
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-06-04