CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6883
https://notcve.org/view.php?id=CVE-2017-6883
14 Mar 2017 — The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. El plugin ConvertToPDF en Foxit Reader en versiones anteriores a 8.2.1 y PhantomPD... • http://www.securityfocus.com/bid/96870 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-5556
https://notcve.org/view.php?id=CVE-2017-5556
23 Jan 2017 — The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. El plugin ConvertToPDF en Foxit Reader en versiones anteriores a 8.2 y PhantomPDF en v... • http://www.securityfocus.com/bid/95353 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4060
https://notcve.org/view.php?id=CVE-2016-4060
22 Apr 2016 — Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Vulnerabilidad de uso después de liberación de memoria en Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://www.securityfocus.com/bid/85379 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4061
https://notcve.org/view.php?id=CVE-2016-4061
22 Apr 2016 — Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream. Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un flujo de contenido manipulado. • http://www.securityfocus.com/bid/90504 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4062
https://notcve.org/view.php?id=CVE-2016-4062
22 Apr 2016 — Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows reportan incorrectamente errores de formato recursivamente, lo que permite a atacantes remotos provocar una denegación de servicio (colgado de aplicación) a través de un PDF manipulado. • http://www.securityfocus.com/bid/90504 • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4059 – Foxit Reader FlateDecode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4059
23 Mar 2016 — Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. Vulnerabilidad de uso después de liberación de memoria en Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows permite a atacantes remotos ejecutar código arbitrario a través de un flujo FlateDecode modificado en un documento PDF. This vulnerability allows remote attackers to execute arbitrary code on vulnera... • http://www.securityfocus.com/bid/85379 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4063 – Foxit Reader Revision Number Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4063
23 Mar 2016 — Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. Vulnerabilidad de uso después de liberación de memoria en Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows permite a atacantes remotos ejecutar código arbitrario a través de un objeto con un número de revisión de -1 en un documento PDF. This vulnerability allows remote attackers to execute arbit... • http://www.securityfocus.com/bid/85379 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-4064 – Foxit Reader XFA remerge Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4064
23 Mar 2016 — Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call. Vulnerabilidad de uso después de liberación de memoria en la funcionalidad de manejo de formularios XFA en Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows permite a atacantes remotos ejecutar código arbitrario a través de una llamada remerge manipulada. This vulnerability allows remote at... • http://www.securityfocus.com/bid/85379 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4065 – Foxit Reader ConvertToPDF BMP Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-4065
23 Mar 2016 — The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image. El plugin ConvertToPDF en Foxit Reader y PhantomPDF en versiones anteriores a 7.3.4 en Windows, cuando la aplicación gflags está activa, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y caída de aplicación) a t... • http://www.zerodayinitiative.com/advisories/ZDI-16-216 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8843 – Foxit FoxitCloudUpdateService Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2015-8843
15 Dec 2015 — The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption. El Foxit Cloud Update Service (FoxitCloudUpdateService) en Foxit Reader 6.1 hasta la versión 6.2.x y 7.x en versiones anteriores a 7.2.2, cuando una actualización para el plugin Cloud está disponible, permite a usuarios locales... • http://www.zerodayinitiative.com/advisories/ZDI-15-640 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •