CVE-2019-20836
https://notcve.org/view.php?id=CVE-2019-20836
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.5. Presenta un manejo inapropiado de las credenciales en la nube, como es demostrado por Google Drive • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-20837
https://notcve.org/view.php?id=CVE-2019-20837
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.5. Permite una omisión de comprobación de firma por medio de un archivo modificado o un archivo con firmas no estándar • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2018-21237
https://notcve.org/view.php?id=CVE-2018-21237
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.7. Permite el robo de credenciales NTLM por medio de una acción GoToE o GoToR • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-522: Insufficiently Protected Credentials •
CVE-2018-21238
https://notcve.org/view.php?id=CVE-2018-21238
An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.7. Permite el consumo de la memoria por medio de una llamada ArrayBuffer(0xfffffffe) • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-21239
https://notcve.org/view.php?id=CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.2. Permite el robo de credenciales NTLM por medio de una acción GoToE o GoToR • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-522: Insufficiently Protected Credentials •