Foxit PDF Reader 缓冲区错误漏洞

Foxit PDF Editor is a PDF editor from Foxit, a Chinese company. A security vulnerability exists in Foxit PDF Editor, which stems from the fact that the product does not verify the existence of an Annotation object before operating on it. The vulnerability can be exploited to cause malicious code...

CVE-2021-34843

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2021-34849

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2021-34840

Foxit PDF Reader 11.0.0.49893 is affected by CVE-2021-34840 due to a flaw in handling Annotation objects where the existence of an object isn’t validated before operations. This permits arbitrary code execution in the context of the current process when a user opens a malicious file/page or visit...

CVE-2021-34833

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2021-31441

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-17417

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-17633

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-17633

CVE-2018-17633 affects Foxit Reader 9.2.0.9297 and earlier for Windows. The flaw is in the handling of the Annotation object's subject property, where the code fails to validate the existence of an object before operating on it, leading to a use-after-free condition and remote code execution. Exp...

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-23724)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the subject property of the Annotation object in Foxit Reader...

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-23234)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the subtype attribute of the Annotation object in Foxit Reader...

Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20729)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...

Foxit Reader and PhantomPDF Memory Misreference Vulnerability (CNVD-2018-20728)

Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 9.3, which stems from the program's failure to properly handle the properties of the Annotation...

CVE-2018-17610

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17608

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-4900

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of...

Out-of-bounds memory read vulnerability in multiple Adobe products (CNVD-2018-05020)

Acrobat DC Continuous Track and so on are the United States of America Auduby Adobe company's products. Acrobat DC Continuous Track is a desktop version of the continuous update of the PDF solution. Reader DC Continuous Track is a continuous update of the PDF reading tool version. Reader DC...

Foxit Reader Annotation Object modDate Property Remote Code Execution Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the modDate property of the Annotation object in Foxit Reader version 8.3.1, where the program fails to validate the existence of an object before performing an operati...

Foxit Reader Annotations style Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Annotation object's...