Foxitsoftware » Phantompdf : Security Vulnerabilities, CVEs, Published In 2016 (Denial of service)
The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue.
Max CVSS
6.5
EPSS Score
0.15%
Published
2016-10-31
Updated
2016-11-29
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor."
Max CVSS
5.3
EPSS Score
0.15%
Published
2016-10-31
Updated
2016-11-29
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.
Max CVSS
7.8
EPSS Score
0.30%
Published
2016-04-22
Updated
2016-11-08
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.
Max CVSS
5.5
EPSS Score
0.16%
Published
2016-04-22
Updated
2016-11-28
Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.
Max CVSS
7.5
EPSS Score
0.25%
Published
2016-04-22
Updated
2016-11-28
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.24%
Published
2016-04-22
Updated
2016-11-28
6 vulnerabilities found