Lucene search
+L

2909 matches found

Talos
Talos
added 2018/04/19 12:0 a.m.48 views

Foxit PDF Reader AssociatedFile Annotation Type Confusion

Summary An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory...

8.8CVSS7.8AI score0.24033EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2017/12/18 12:0 a.m.6 views

Foxit PDF Reader Javascript File Write Remote Code Execution

A File Write Remote Code Execution vulnerability exists in the Foxit Reader. This vulnerability is due to The createDataObject Javascript API function allows for writing arbitrary files to the file system. A remote attacker could exploit this vulnerability by enticing a victim user to open a...

2.9AI score
Exploits0
seebug.org
seebug.org
added 2017/10/12 12:0 a.m.39 views

Foxit PDF Reader JBIG2 Parser Information Disclosure Vulnerability(CVE-2016-8334)

Summary A large out of bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR. Tested Versions Foxit Software Foxit Reader 8.0.2.805 Produc...

4.3CVSS4.9AI score0.1856EPSS
Exploits1
myhack58
myhack58
added 2017/08/18 12:0 a.m.114 views

Foxit PDF reader there 2 at high-risk vulnerabilities, the vendor has refused to fix? - Vulnerability warning-the black bar safety net

Use Foxit Foxit PDF reader's user to pay special attention to the security researchers which discovered two serious 0day vulnerability, such as not the reader is configured in the secure read mode open file, it would let the attacker on the target computer to execute arbitrary code. Foxit company...

0.07152EPSS
Exploits2
The Hacker News
The Hacker News
added 2017/08/17 6:46 a.m.60 views

Two Critical Zero-Day Flaws Disclosed in Foxit PDF Reader

Are you using Foxit PDF Reader? If yes, then you need to watch your back. Security researchers have discovered two critical zero-day security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer, if not configured to open files in th...

6.8CVSS9.4AI score0.07152EPSS
Exploits2
NVD
NVD
added 2017/08/16 9:29 p.m.22 views

CVE-2017-12892

Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

7.8CVSS7.5AI score0.03337EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/16 9:0 p.m.30 views

CVE-2017-12892

Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

7.6AI score0.03337EPSS
Exploits0References2
CVE
CVE
added 2017/08/16 9:0 p.m.57 views

CVE-2017-12892

Foxit PDF Compressor installers (versions 7.0.0.183 through 7.7.2.10) are affected by a DLL preloading vulnerability. The issue arises because the installer can load a malicious DLL located in its current working directory, enabling potential code execution during installation. CVE-2017-12892 is ...

7.8CVSS7.5AI score0.03337EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/05/29 12:0 a.m.23 views

Foxit PDF Reader JBIG2 Symbol Dictionary Out of Bounds Read (CVE-2016-8334)

An out-of-bounds vulnerability has been reported in the JBIG2 component of Foxit PDF Reader. This vulnerability is due to improper processing of Symbol Dictionary segment in an embedded JBIG2 image. A remote attacker could exploit this vulnerability by enticing a victim user to visit a malicious...

4.3CVSS4.5AI score0.1856EPSS
Exploits1
NVD
NVD
added 2017/05/05 7:29 a.m.20 views

CVE-2017-8059

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...

8.1CVSS7.7AI score0.00524EPSS
Exploits0References1
OSV
OSV
added 2017/05/05 7:29 a.m.5 views

CVE-2017-8059

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...

8.1CVSS5.8AI score0.00524EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/05/05 7:4 a.m.27 views

CVE-2017-8059

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...

7.7AI score0.00524EPSS
Exploits0References1
CVE
CVE
added 2017/05/05 7:4 a.m.48 views

CVE-2017-8059

Foxit PDF (iOS) before version 5.4 is vulnerable to accepting invalid/self-signed TLS certificates, enabling a passive or proximity attacker to perform a MITM and silently intercept login credentials (username/password) and an existing authentication token. Root cause: improper TLS certificate va...

8.1CVSS7.6AI score0.00524EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/05/01 12:0 a.m.4 views

Foxit PDF Reader Title Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in Foxit PDF Reader. The vulnerability is due to mishandling of an overly long string in the Title field. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted pdf file...

3.8AI score
Exploits0
Prion
Prion
added 2017/04/07 8:59 p.m.17 views

Memory corruption

Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...

6.8CVSS7.6AI score0.02296EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/04/07 8:59 p.m.21 views

CVE-2017-7584

Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...

7.8CVSS7.7AI score0.02296EPSS
Exploits0References2
CVE
CVE
added 2017/04/07 8:0 p.m.51 views

CVE-2017-7584

Foxit PDF Toolkit prior to 2.1 contains a memory corruption vulnerability. Opening a specially crafted PDF can lead to Denial of Service or Remote Code Execution. Affected: Foxit PDF Toolkit before 2.1. Root cause: memory corruption (details not expanded in the provided documents). Mitigation: up...

7.8CVSS7.7AI score0.02296EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/04/07 8:0 p.m.21 views

CVE-2017-7584

Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file...

7.8AI score0.02296EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/01/25 12:0 a.m.26 views

Foxit PDF Toolkit Detection (Windows SMB Login)

SMB login and WMI file search based detection of Foxit PDF Toolkit. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2017/01/25 12:0 a.m.31 views

Foxit PDF Toolkit PDF File Parsing Memory Corruption Vulnerability

Foxit PDF Toolkit is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.7AI score0.02296EPSS
Exploits0References1
Rows per page
Query Builder