) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:foxitsoftware:reader:3.0
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-20837 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures. Published: June 04, 2020; 1:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20836 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. Published: June 04, 2020; 1:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20835 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. Published: June 04, 2020; 1:15:13 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-20830 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. Published: June 04, 2020; 1:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2019-20829 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. Published: June 04, 2020; 1:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20828 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. Published: June 04, 2020; 1:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20827 |
An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space. Published: June 04, 2020; 1:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2019-20826 |
An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NULL pointer dereference. Published: June 04, 2020; 1:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2018-21240 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call. Published: June 04, 2020; 1:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2018-21239 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action. Published: June 04, 2020; 1:15:10 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2020-13815 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference. Published: June 04, 2020; 12:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-13814 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary. Published: June 04, 2020; 12:15:13 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2019-20820 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data. Published: June 04, 2020; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20819 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing. Published: June 04, 2020; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20818 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level. Published: June 04, 2020; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-20817 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference. Published: June 04, 2020; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-13810 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures. Published: June 04, 2020; 11:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-13809 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream. Published: June 04, 2020; 11:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-13808 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data. Published: June 04, 2020; 11:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-13807 |
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop. Published: June 04, 2020; 11:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |