Vulnerabilities > Foxitsoftware > Phantompdf > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-23 | CVE-2018-10303 | Use After Free vulnerability in Foxitsoftware Phantompdf A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3. | 8.8 |
| 2018-04-23 | CVE-2018-10302 | Use After Free vulnerability in Foxitsoftware Phantompdf A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9. | 7.8 |
| 2018-02-07 | CVE-2016-6169 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafted PDF file. | 7.8 |
| 2018-02-07 | CVE-2016-6168 | Use After Free vulnerability in Foxitsoftware Foxit Reader Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file. | 7.8 |
| 2017-07-07 | CVE-2017-10994 | Write-what-where Condition vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document. | 7.3 |
| 2017-05-03 | CVE-2017-8455 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 7.8 |
| 2017-05-03 | CVE-2017-8454 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 8.8 |
| 2017-05-03 | CVE-2017-8453 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 8.8 |
| 2017-01-23 | CVE-2017-5556 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | 8.1 |
| 2016-10-31 | CVE-2016-8878 | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | 8.8 |