CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38568
https://notcve.org/view.php?id=CVE-2021-38568
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format. Se ha detectado un problema en Foxit Reader y PhantomPDF versiones anteriores a 10.1.4. Permite una corrupción de memoria durante la conversión de un documento PDF a un formato de documento diferente • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38569
https://notcve.org/view.php?id=CVE-2021-38569
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects. Se ha detectado un problema en Foxit Reader y PhantomPDF versiones anteriores a 10.1.4. Permite un consumo de pila por medio de llamadas a funciones recursivas durante el manejo de formularios XFA u objetos de enlace • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-674: Uncontrolled Recursion •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38570
https://notcve.org/view.php?id=CVE-2021-38570
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink. Se ha detectado un problema en Foxit Reader y PhantomPDF versiones anteriores a 10.1.4. Permite a atacantes eliminar archivos arbitrarios (durante la desinstalación) por medio de un enlace simbólico • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38571
https://notcve.org/view.php?id=CVE-2021-38571
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502. Se ha detectado un problema en Foxit Reader y PhantomPDF versiones anteriores a 10.1.4. Permite el secuestro de DLL, también se conoce como CNVD-C-2021-68000 y CNVD-C-2021-68502 • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38572
https://notcve.org/view.php?id=CVE-2021-38572
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated. Se ha detectado un problema en Foxit Reader y PhantomPDF versiones anteriores a 10.1.4. Permite escribir en archivos arbitrarios porque el nombre de ruta extractPages no es comprobado • https://www.foxitsoftware.com/support/security-bulletins.php •