Foxitsoftware Phantompdf vulnerabilities
549 known vulnerabilities affecting foxitsoftware/phantompdf.
Total CVEs
549
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL26HIGH438MEDIUM68LOW17
Vulnerabilities
Page 15 of 28
CVE-2018-17659HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17659 [HIGH] CWE-416 CVE-2018-17659: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the title property of a Host object. The issue re
nvd
CVE-2018-17658HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17658 [HIGH] CWE-416 CVE-2018-17658: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the respose property of a host object. The issue
nvd
CVE-2018-17653HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17653 [HIGH] CWE-416 CVE-2018-17653: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue
nvd
CVE-2018-17678HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17678 [HIGH] CWE-416 CVE-2018-17678: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the gotoNamedDest method of a app object. The iss
nvd
CVE-2018-17662HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17662 [HIGH] CWE-416 CVE-2018-17662: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the beep method of a Host object. The issue resul
nvd
CVE-2018-17689HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17689 [HIGH] CWE-416 CVE-2018-17689: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the fillColor property of a radio button. The
nvd
CVE-2018-17626HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17626 [HIGH] CWE-416 CVE-2018-17626: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Validate events of TextBox objects. The issue
nvd
CVE-2018-17629HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17629 [HIGH] CWE-416 CVE-2018-17629: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of template objects. The issue results from the lack
nvd
CVE-2018-17682HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17682 [HIGH] CWE-416 CVE-2018-17682: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property of Annotation objects. The iss
nvd
CVE-2018-17690HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17690 [HIGH] CWE-416 CVE-2018-17690: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the rect property of a Link object. The issue
nvd
CVE-2018-17680HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17680 [HIGH] CWE-416 CVE-2018-17680: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the style property of a Field object. The issue r
nvd
CVE-2018-17681HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17681 [HIGH] CWE-416 CVE-2018-17681: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the getPageBox method of a Form. The issue result
nvd
CVE-2018-17684HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17684 [HIGH] CWE-416 CVE-2018-17684: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the isPropertySpecified method. The issue results
nvd
CVE-2018-17639HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17639 [HIGH] CWE-416 CVE-2018-17639: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setElement method. The issue results from the
nvd
CVE-2018-17670HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17670 [HIGH] CWE-416 CVE-2018-17670: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the content property of a XFA object. The issue r
nvd
CVE-2018-17640HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17640 [HIGH] CWE-416 CVE-2018-17640: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Form count property. The issue results from t
nvd
CVE-2018-17634HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17634 [HIGH] CWE-416 CVE-2018-17634: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the attachIcon property of Annotation objects. Th
nvd
CVE-2018-17660HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17660 [HIGH] CWE-416 CVE-2018-17660: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resetData method of a Host object. The issue
nvd
CVE-2018-17643HIGHCVSS 8.8≤ 9.2.0.92972019-01-24
CVE-2018-17643 [HIGH] CWE-416 CVE-2018-17643: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the editValue property of a TimeField. The issue
nvd
CVE-2018-17699MEDIUMCVSS 6.5≤ 9.2.0.92972019-01-24
CVE-2018-17699 [MEDIUM] CWE-125 CVE-2018-17699: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from th
nvd