Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Foxit_reader
(Foxitsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 372 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-16 | CVE-2021-31476 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA templates. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to... | Foxit_reader, Phantompdf | 7.8 | ||
| 2021-07-09 | CVE-2021-33792 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary. | Foxit_reader, Phantompdf | 7.8 | ||
| 2021-07-09 | CVE-2021-33795 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled. | Foxit_reader, Phantompdf | 5.5 | ||
| 2021-08-11 | CVE-2021-33793 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion. | Foxit_reader, Phantompdf | 9.8 | ||
| 2021-08-11 | CVE-2021-33794 | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction. | Foxit_reader, Phantompdf | 9.1 | ||
| 2021-08-11 | CVE-2021-38568 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format. | Foxit_reader, Phantompdf | 9.8 | ||
| 2021-08-11 | CVE-2021-38569 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects. | Foxit_reader, Phantompdf | 7.5 | ||
| 2021-08-11 | CVE-2021-38570 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink. | Foxit_reader, Phantompdf | 9.1 | ||
| 2021-08-11 | CVE-2021-38571 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502. | Foxit_reader, Phantompdf | 7.8 | ||
| 2021-08-11 | CVE-2021-38572 | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated. | Foxit_reader, Phantompdf | 9.8 |