Phantompdf
Approved changes feed: RSS · Atom
cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:windows:*:*
part: a version: * update: *
| Vendor | Foxitsoftware (432505a3-624b-5d0c-b6e3-841531927527) |
|---|---|
| Product | Phantompdf (2cd58ed5-9b41-594e-b6a8-2af682be90e0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-8879 |
vulnerable | 2026-06-03 14:36:14.995847 |
Details available
The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue.
Published: 2016-10-31T10:00:00.000Z
Updated: 2024-08-06T02:35:01.818Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-8878 |
vulnerable | 2026-06-03 14:36:14.995517 |
Details available
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER."
Published: 2016-10-31T10:00:00.000Z
Updated: 2024-08-06T02:35:02.196Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-8877 |
vulnerable | 2026-06-03 14:36:14.995181 |
Details available
Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue.
Published: 2016-10-31T10:00:00.000Z
Updated: 2024-08-06T02:35:01.925Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-8876 |
vulnerable | 2026-06-03 14:36:14.994809 |
Details available
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."
Published: 2016-10-31T10:00:00.000Z
Updated: 2024-08-06T02:35:02.062Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-8875 |
vulnerable | 2026-06-03 14:36:14.993705 |
Details available
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor."
Published: 2016-10-31T10:00:00.000Z
Updated: 2024-08-06T02:35:01.932Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4065 |
vulnerable | 2026-06-03 14:35:47.185160 |
Details available
The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-09-17T02:47:59.300Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4064 |
vulnerable | 2026-06-03 14:35:47.184814 |
Details available
Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:31.127Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4063 |
vulnerable | 2026-06-03 14:35:47.184482 |
Details available
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:30.925Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4062 |
vulnerable | 2026-06-03 14:35:47.184124 |
Details available
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:30.779Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4061 |
vulnerable | 2026-06-03 14:35:47.183812 |
Details available
Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:30.918Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4060 |
vulnerable | 2026-06-03 14:35:47.183480 |
Details available
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:31.172Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-4059 |
vulnerable | 2026-06-03 14:35:47.183004 |
Details available
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
Published: 2016-04-22T14:00:00.000Z
Updated: 2024-08-06T00:17:30.660Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.