Lucene search
K

186 matches found

NVD
NVD
added 2019/01/30 10:29 p.m.26 views

CVE-2018-3956

An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when...

7.1CVSS6.9AI score0.49566EPSS
Exploits1References1
CVE
CVE
added 2019/01/30 10:0 p.m.72 views

CVE-2018-3956

CVE-2018-3956 is an out-of-bounds read/write vulnerability in Foxit Software’s PDF Reader/PhantomPDF related to handling of XFA element attributes. Affected products include Foxit Reader and Foxit PhantomPDF prior to version 9.4, with a specific reference to Foxit PDF Reader 9.1.0.5096. The vulne...

7.1CVSS6.7AI score0.49566EPSS
Exploits1References1Affected Software2
Source Incite
Source Incite
added 2018/12/19 12:0 a.m.25 views

SRC-2019-0028 : Foxit Reader PDF Printer proxyDoAction opcode 0x200000 Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

8.1CVSS8.1AI score0.00816EPSS
Exploits1
Source Incite
Source Incite
added 2018/12/19 12:0 a.m.24 views

SRC-2019-0026 : Foxit Reader PDF Printer proxyCPDFAction Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

8.1CVSS8.1AI score0.00816EPSS
Exploits1
NVD
NVD
added 2018/10/08 4:29 p.m.26 views

CVE-2018-3997

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

8.8CVSS8.2AI score0.03039EPSS
Exploits1References3
NVD
NVD
added 2018/10/08 4:29 p.m.24 views

CVE-2018-3942

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

8.8CVSS8.2AI score0.03155EPSS
Exploits1References3
NVD
NVD
added 2018/10/08 4:29 p.m.19 views

CVE-2018-3941

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

8.8CVSS8.2AI score0.03155EPSS
Exploits1References3
NVD
NVD
added 2018/10/08 4:29 p.m.22 views

CVE-2018-3945

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

8.8CVSS8.2AI score0.03197EPSS
Exploits1References3
NVD
NVD
added 2018/10/08 4:29 p.m.24 views

CVE-2018-3940

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...

8.8CVSS7.9AI score0.02114EPSS
Exploits1References3
Prion
Prion
added 2018/10/08 4:29 p.m.17 views

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

6.8CVSS8.8AI score0.02848EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2018/10/08 4:29 p.m.14 views

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

6.8CVSS8.8AI score0.03197EPSS
Exploits1References3Affected Software2
CVE
CVE
added 2018/10/08 4:0 p.m.62 views

CVE-2018-3992

CVE-2018-3992 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (version 9.2.0.9297). A specially crafted PDF can reuse a freed memory object, leading to arbitrary code execution. Exploitation requires user action to open the malicious file; if the browser plugin extension...

8.8CVSS8.3AI score0.02848EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2018/10/08 4:0 p.m.31 views

CVE-2018-3942

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

8CVSS8.8AI score0.03155EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/10/08 4:0 p.m.26 views

CVE-2018-3945

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

8CVSS8.8AI score0.03197EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/10/08 4:0 p.m.30 views

CVE-2018-3992

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

8CVSS8.8AI score0.02848EPSS
Exploits1References2
CVE
CVE
added 2018/10/08 4:0 p.m.62 views

CVE-2018-3997

The CVE-2018-3997 entry concerns Foxit PDF Reader. A use-after-free in the JavaScript engine of Foxit PDF Reader, version 9.2.0.9297, can be triggered by a specially crafted PDF, causing reuse of a previously freed object and arbitrary code execution. An attacker must entice the user to open the ...

8.8CVSS8.3AI score0.03039EPSS
Exploits1References3Affected Software2
CVE
CVE
added 2018/10/08 4:0 p.m.54 views

CVE-2018-3996

CVE-2018-3996 concerns Foxit PDF Reader’s JavaScript engine. The vulnerability is a use-after-free in version 9.2.0.9297 that can be triggered by a crafted PDF document, allowing arbitrary code execution by reusing a freed object. An attacker must entice the user to open the malicious file; if a ...

8.8CVSS8.3AI score0.03155EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2018/10/08 4:0 p.m.23 views

CVE-2018-3997

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

8CVSS8.8AI score0.03039EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/10/08 4:0 p.m.24 views

CVE-2018-3940

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...

8CVSS8.5AI score0.02114EPSS
Exploits1References2
CVE
CVE
added 2018/10/08 4:0 p.m.82 views

CVE-2018-3942

CVE-2018-3942 is an exploitable use-after-free in Foxit PDF Reader’s JavaScript engine (Foxit Software) affecting version 9.1.0.5096. A specially crafted PDF can cause a previously freed object to be reused, enabling arbitrary code execution. The vulnerability requires the user to open the malici...

8.8CVSS8.3AI score0.03155EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder