CVE-2020-13809
https://notcve.org/view.php?id=CVE-2020-13809
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.7.2. Permite el consumo de recursos por medio de largas cadenas en el flujo de contenido • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-13807
https://notcve.org/view.php?id=CVE-2020-13807
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.7.2. Presenta un manejo inapropiado de referencia circular que causa un bucle • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2020-13806
https://notcve.org/view.php?id=CVE-2020-13806
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.7.2. Presenta un uso de la memoria previamente liberada debido a una ejecución de JavaScript después de una operación de borrado o cierre • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVE-2020-13805
https://notcve.org/view.php?id=CVE-2020-13805
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.7.2. Presenta un manejo inapropiado de un ataque de fuerza bruta porque el servicio CAS carece de un límite de fallos de inicio de sesión • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVE-2020-13804
https://notcve.org/view.php?id=CVE-2020-13804
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin. Se detectó un problema en Foxit Reader y PhantomPDF versiones anteriores a 9.7.2. Permite una divulgación de información de un nombre de usuario y contraseña embebidos en el plugin DocuSign • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-798: Use of Hard-coded Credentials •