19 matches found
CVE-2025-30057
In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command injection into the system call in the ConvertToPDF function...
CVE-2019-6759
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2019-6758
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2019-6755
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2019-6757
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
PT-2019-18319 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.3.10826
Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The fla...
PT-2019-18317 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.4.16811
Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The fla...
PT-2019-18315 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.3.10826
Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The fla...
CVE-2018-19388
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDFx86!ReleaseFXURLToHtml issue...
CVE-2018-11621
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2018-9974
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Foxit Reader ConvertToPDF_x86 jpg Parsing Out-of-Bounds Read Information Disclosure Vulnerability (CNVD-2018-09958)
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of interactive properties of the PrintParams object, due to a lack of proper memory initialization before accessing memory, which can be exploited by an attacker to obtain...
Foxit Reader ConvertToPDF_x86 BMP Parsing Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the ConvertToPDFx86.dll implementation that can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of the length of...
Foxit Reader and PhantomPDF Denial of Service Vulnerability (CNVD-2016-10514)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF is a commercial version. A denial of service vulnerability exists in the ConvertToPDF plug-in in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application...
Foxit Reader 'ConvertToPDF' Plugin Information Disclosure Vulnerability
Foxit Reader is a PDF document reader. An information disclosure vulnerability exists in the Foxit Reader 'ConvertToPDF' plug-in. An attacker can exploit the vulnerability to obtain sensitive information...
Foxit Reader ConvertToPDF TIFF Parsing Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewing and printing program produced by China's Foxit Software Corporation; PhantomPDF is a commercial version. The ConvertToPDF plug-in in Foxit Reader and PhantomPDF 8.0.0.624 and earlier versions has a security vulnerability that can be triggere...
Foxit Reader ConvertToPDF BMP Parsing Information Disclosure Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the ConvertToPDF plug-in, due to a constructed BMP graphic that triggers a read of memory outside of the allocated object. Exploitation of this vulnerability allows an attacker to execut...
Foxit Reader ConvertToPDF JPEG Out-of-Bounds Read Information Disclosure Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the ConvertToPDF plug-in, due to a constructed JPEG graphic that triggers a read of memory outside of the allocated object. An attacker could be allowed to exploit the vulnerability to...
Foxit Reader ConvertToPDF Heap Buffer Overflow Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewer and printing program. A security vulnerability exists in Foxit Reader's ConvertToPDFx86.dll that can be exploited to allow an attacker to interact with a victim via a malicious web page or a malicious file to execute arbitrary commands in the current...