2909 matches found
Foxit PDF Reader AssociatedFile Annotation Type Confusion
Summary An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory...
Foxit PDF Reader Javascript File Write Remote Code Execution
A File Write Remote Code Execution vulnerability exists in the Foxit Reader. This vulnerability is due to The createDataObject Javascript API function allows for writing arbitrary files to the file system. A remote attacker could exploit this vulnerability by enticing a victim user to open a...
Foxit PDF Reader JBIG2 Parser Information Disclosure Vulnerability(CVE-2016-8334)
Summary A large out of bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR. Tested Versions Foxit Software Foxit Reader 8.0.2.805 Produc...
Foxit PDF reader there 2 at high-risk vulnerabilities, the vendor has refused to fix? - Vulnerability warning-the black bar safety net
Use Foxit Foxit PDF reader's user to pay special attention to the security researchers which discovered two serious 0day vulnerability, such as not the reader is configured in the secure read mode open file, it would let the attacker on the target computer to execute arbitrary code. Foxit company...
Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader
Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two critical zero-day security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in th...
CVE-2017-12892
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...
CVE-2017-12892
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...
CVE-2017-12892
Foxit PDF Compressor installers (versions 7.0.0.183 through 7.7.2.10) are affected by a DLL preloading vulnerability. The issue arises because the installer can load a malicious DLL located in its current working directory, enabling potential code execution during installation. CVE-2017-12892 is ...
Foxit PDF Reader JBIG2 Symbol Dictionary Out of Bounds Read (CVE-2016-8334)
An out-of-bounds vulnerability has been reported in the JBIG2 component of Foxit PDF Reader. This vulnerability is due to improper processing of Symbol Dictionary segment in an embedded JBIG2 image. A remote attacker could exploit this vulnerability by enticing a victim user to visit a malicious...
CVE-2017-8059
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...
CVE-2017-8059
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...
CVE-2017-8059
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...
CVE-2017-8059
Foxit PDF (iOS) before version 5.4 is vulnerable to accepting invalid/self-signed TLS certificates, enabling a passive or proximity attacker to perform a MITM and silently intercept login credentials (username/password) and an existing authentication token. Root cause: improper TLS certificate va...
Foxit PDF Reader Title Stack Buffer Overflow
A stack buffer overflow vulnerability has been reported in Foxit PDF Reader. The vulnerability is due to mishandling of an overly long string in the Title field. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted pdf file...
Memory corruption
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...
CVE-2017-7584
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...
CVE-2017-7584
Foxit PDF Toolkit prior to 2.1 contains a memory corruption vulnerability. Opening a specially crafted PDF can lead to Denial of Service or Remote Code Execution. Affected: Foxit PDF Toolkit before 2.1. Root cause: memory corruption (details not expanded in the provided documents). Mitigation: up...
CVE-2017-7584
Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...
Foxit PDF Toolkit Detection (Windows SMB Login)
SMB login and WMI file search based detection of Foxit PDF Toolkit. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Foxit PDF Toolkit PDF File Parsing Memory Corruption Vulnerability
Foxit PDF Toolkit is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...