Design/Logic Flaw

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand...

Null pointer dereference

An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204...

CVE-2021-38563

Foxit PDF Reader and Foxit PDF Editor are affected by CVE-2021-38563 (pre-11.0.1). The issue arises when an array size derived from a /Size entry is smaller than the maximum indirect object number, causing an incorrect array access that can dereference NULL or read/write out of bounds. Impact can...

CVE-2021-38563

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size derived from a /Size entry is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access leading to a NULL pointer...

CVE-2021-38564

CVE-2021-38564 affects Foxit PDF Reader before 11.0.1 and Foxit PDF Editor before 11.0.1. The issue is an out-of-bounds read via util.scand/scand, disclosed across multiple sources. Root cause is improper handling leading to an out-of-bounds read, with impact described as partial confidentiality ...

CVE-2021-38564

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand...

CVE-2021-38565

The CVE-2021-38565 entry concerns Foxit PDF Reader before 11.0.1 and Foxit PDF Editor before 11.0.1. The vulnerability allows writing to arbitrary files via the submitForm function, indicating an arbitrary file write flaw in these products. Connected sources consistently identify the affected sof...

CVE-2021-38566

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes...

CVE-2021-38567

CVE-2021-38567 affects Foxit PDF Editor and Foxit PDF Reader prior to 11.0.1 on macOS. The root cause is mishandling of missing dictionary entries, leading to a NULL pointer dereference. Reported across multiple sources, including PT-2021-22216, the vulnerability results in an unrecoverable crash...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit China. Foxit PDF Reader is a PDF reader and Foxit PDF Editor is a PDF editor. A security vulnerability exists in versions prior to 11.0.1, which can be exploited to allow an attacker to write arbitrary files via submitForm...

Foxit PDF Reader和Foxit PDF Editor 输入验证错误漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit China, a PDF reader, and Foxit PDF Editor, a PDF editor. stems from mistakenly handling the case where the array size is smaller than the maximum number of indirect objects, and an attacker can exploit the vulnerability to cause NUL...

Foxit PDF Reader和Foxit PDF Editor 缓冲区错误漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader and Foxit PDF Editor is a PDF editor. Versions prior to 11.0.1 have a security vulnerability that can be exploited to allow out-of-bounds reading via util.scan...

Foxit PDF Reader 资源管理错误漏洞

Foxit PDF Reader is a PDF reader from Foxit China. versions prior to Foxit PDF Reader 11.0.1 and PDF Editor 11.0.1 have a security vulnerability that can be exploited by attackers stemming from the application allowing the use of stacks during recursive processing of embedded XML nodes...

CVE-2021-21870

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2021-21831

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2021-21870

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

CVE-2021-21893

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a...

Design/Logic Flaw

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the...