Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phantompdf vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-17706
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
Foxitsoftware Phantompdf
5.3
CVSSv3
CVE-2018-21237
An issue exists in Foxit PhantomPDF prior to 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2018-21238
An issue exists in Foxit PhantomPDF prior to 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.
Foxitsoftware Phantompdf
7.8
CVSSv3
CVE-2018-21241
An issue exists in Foxit PhantomPDF prior to 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2018-21242
An issue exists in Foxit PhantomPDF prior to 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.
Foxitsoftware Phantompdf
6.5
CVSSv3
CVE-2018-21243
An issue exists in Foxit PhantomPDF prior to 8.3.6. It has COM object mishandling when Microsoft Word is used.
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2019-14213
An issue exists in Foxit PhantomPDF prior to 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction.
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2019-14207
An issue exists in Foxit PhantomPDF prior to 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).
Foxitsoftware Phantompdf
7.5
CVSSv3
CVE-2019-14208
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.
Foxitsoftware Phantompdf
9.8
CVSSv3
CVE-2019-14209
An issue exists in Foxit PhantomPDF prior to 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.
Foxitsoftware Phantompdf
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »