CVE-2018-21239
https://notcve.org/view.php?id=CVE-2018-21239
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.2. Permite el robo de credenciales NTLM por medio de una acción GoToE o GoToR • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-522: Insufficiently Protected Credentials •
CVE-2018-21240
https://notcve.org/view.php?id=CVE-2018-21240
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.2. Permite el consumo de la memoria por medio de una llamada ArrayBuffer(0xfffffffe) • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-21241
https://notcve.org/view.php?id=CVE-2018-21241
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Presenta una ruta de búsqueda no confiable que permite a una DLL ejecutar código remoto • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-426: Untrusted Search Path •
CVE-2018-21242
https://notcve.org/view.php?id=CVE-2018-21242
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Permite una Ejecución de Código Remota por medio de una acción GoToE o GoToR • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-21243
https://notcve.org/view.php?id=CVE-2018-21243
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Presenta un manejo inapropiado de objetos COM cuando es usado Microsoft Word • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-434: Unrestricted Upload of File with Dangerous Type •