National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:foxitsoftware:phantompdf:5.4.2
There are 369 matching records.
Displaying matches 361 through 369.
Vuln ID Summary CVSS Severity
CVE-2016-4063

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.

Published: April 22, 2016; 11:59:04 AM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2016-4062

Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.

Published: April 22, 2016; 11:59:03 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-4061

Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.

Published: April 22, 2016; 11:59:02 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2016-4060

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Published: April 22, 2016; 11:59:01 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2016-4059

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.

Published: April 22, 2016; 11:59:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2015-8580

Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document.

Published: December 16, 2015; 04:59:12 PM -05:00
    V2: 6.8 MEDIUM
CVE-2015-3633

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.

Published: May 01, 2015; 11:59:12 AM -04:00
    V2: 5.0 MEDIUM
CVE-2015-3632

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.

Published: May 01, 2015; 11:59:10 AM -04:00
    V2: 4.3 MEDIUM
CVE-2015-2790

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

Published: March 30, 2015; 10:59:10 AM -04:00
    V2: 4.3 MEDIUM