Page 36 of 548 results (0.013 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. Se detectó un problema en PhantomPDF anterior a versión 8.3.10 Foxit. La aplicación podría estar expuesta a la Corrupción de Pila debido a la desincronía de datos al agregar AcroForm. • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary. Se detectó un problema en PhantomPDF anterior a versión 8.3.10 de Foxit . La aplicación podría estar expuesta a una desreferencia de un puntero NULL y un bloqueo al conseguir un objeto PDF desde un documento, o al analizar un portafolio determinado que contiene un diccionario null. • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error). Se detectó un problema en PhantomPDF anterior a versión 8.3.11 de Foxit. La aplicación podría bloquearse al llamar a la función clone debido a un bucle infinito que resulta de las relaciones confusas entre un objeto hijo y padre (causado por un error de adición). • http://www.securityfocus.com/bid/109314 https://www.foxitsoftware.com/support/security-bulletins.php • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.foxitsoftware.com/support/security-bulletins.php https://www.zerodayinitiative.com/advisories/ZDI-19-633 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.foxitsoftware.com/support/security-bulletins.php https://www.zerodayinitiative.com/advisories/ZDI-19-634 • CWE-416: Use After Free •