3046 matches found
CVE-2018-3842
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...
Design/Logic Flaw
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...
Type confusion
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...
CVE-2018-3843
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...
CVE-2018-3842
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...
CVE-2018-3843
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...
CVE-2018-3842
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...
CVE-2018-3842
CVE-2018-3842 affects Foxit PDF Reader (and related Foxit PDF components) with an exploitable use of an uninitialized pointer in the JavaScript engine. A specially crafted PDF can lead to dereference of uninitialized memory, enabling arbitrary code execution when the user opens the file; attack s...
CVE-2018-3843
Foxit PDF Reader 9.0.1.1049 is affected by a type-confusion vulnerability (CVE-2018-3843) in parsing files with associated file annotations. A crafted PDF can cause dereference of an object of invalid type, potentially leading to memory disclosure and possibly arbitrary code execution. Exploitati...
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview Talos is disclosing five vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular free program for viewing, creating, and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin available. Update to the current...
Foxit PDF Reader Javascript Search Query Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader JavaScript XFA Clone Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...
Foxit PDF Reader JavaScript createTemplate Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to tric...
Foxit PDF Reader AssociatedFile Annotation Type Confusion
Summary An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory...
CVE-2018-0998
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892...
Information disclosure
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892...
EUVD-2018-1771
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892...
CVE-2018-0998
An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0892...
CVE-2018-0998
CVE-2018-0998 concerns an information disclosure in Microsoft Edge PDF Reader where objects in memory are improperly handled. The affected product is Microsoft Edge. The connected MSKB updates (KB4093107, KB4093112, KB4093119) describe quality/security fixes across Edge and related components, im...
Microsoft Edge Information Disclosure Vulnerability (CNVD-2018-07984)
Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation.Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server 2016 is a set of server operating systems.Edge is one of the a default browser that comes with the system. An informatio...