Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3850

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3850

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Design/Logic Flaw

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

CVE-2018-3842

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

CVE-2018-3843

An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...

Type confusion

An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...

CVE-2018-3843

An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, an...

CVE-2018-3842

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

Foxit PDF Reader JavaScript XFA Clone Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...

Foxit PDF Reader JavaScript setPersistent Remote Code Execution Vulnerability

Summary An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code...

PT-2018-16236 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.0.1.1049 Description: The issue is related to an uninitialized pointer in the JavaScript engine. A specially crafted PDF document can cause a dereference of this pointer, potentially leading to arbitrary code...

Adobe Flash Player for Mac <= 29.0.0.113 (APSB18-08)

The version of Adobe Flash Player installed on the remote macOS or Mac OS X host is equal or prior to version 29.0.0.113. It is therefore affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108959; scriptversion"1.7";...

Adobe Flash Player <= 28.0.0.161 (APSB18-05)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 28.0.0.161. It is therefore affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Adobe Flash Player <= 28.0.0.137 Use-after-free Remote Code Execution (APSA18-01) (APSB18-03)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 28.0.0.137. It is, therefore, affected by a use-after-free vulnerability that allows arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Adobe Flash Player <= 27.0.0.187 (APSB17-42)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 27.0.0.187. It is, therefore, affected by a vulnerability which may allow an attacker to reset the global settings preference file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

RHEL 7 : java-1.7.0-oracle (RHSA-2017:3046)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3046 advisory. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades...

Important: Red Hat Security Advisory: java-1.7.0-oracle security update

An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...

Important: Red Hat Security Advisory: java-1.6.0-sun security update

An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...