CVE-2018-21240
https://notcve.org/view.php?id=CVE-2018-21240
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.2. Permite el consumo de la memoria por medio de una llamada ArrayBuffer(0xfffffffe) • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-21241
https://notcve.org/view.php?id=CVE-2018-21241
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Presenta una ruta de búsqueda no confiable que permite a una DLL ejecutar código remoto • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-426: Untrusted Search Path •
CVE-2018-21242
https://notcve.org/view.php?id=CVE-2018-21242
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Permite una Ejecución de Código Remota por medio de una acción GoToE o GoToR • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-21243
https://notcve.org/view.php?id=CVE-2018-21243
An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Presenta un manejo inapropiado de objetos COM cuando es usado Microsoft Word • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-21244
https://notcve.org/view.php?id=CVE-2018-21244
An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029. Se detectó un problema en Foxit PhantomPDF versiones anteriores a 8.3.6. Permite una ejecución de aplicación arbitraria por medio de un archivo ejecutable insertado en un portafolio PDF, también se conoce como FG-VD-18-029 • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-434: Unrestricted Upload of File with Dangerous Type •