Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2017/11/10 12:0 a.m.21 views

Foxit Reader Multiple Vulnerabilities (Nov 2017) - Windows

Foxit Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:reader";...

8.8CVSS8.3AI score0.03195EPSS
Exploits0References2
CVE
CVE
added 2017/10/31 7:0 p.m.70 views

CVE-2017-10953

CVE-2017-10953 affects Foxit Reader (up to 8.3.1.21155). The flaw is in the gotoURL method, where an unvalidated user-supplied string is used to perform a system call, enabling remote code execution. Exploitation requires user interaction (victim opens a malicious file or visits a crafted page). ...

8.8CVSS8.8AI score0.03195EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/09/24 12:0 a.m.32 views

Foxit Reader and PhantonPDF XFA gotoURL Command Injection (CVE-2017-10953; CVE-2019-8160)

A command injection vulnerability exists in the XFA component of Foxit Reader and PhantomPDF. This vulnerability is due to improper handling of user-supplied string for the gotoURL function call. A remote attacker could exploit this vulnerability by enticing a victim user to visit a malicious web...

6.8CVSS2.4AI score0.03195EPSS
Exploits0
Kaspersky
Kaspersky
added 2017/08/17 12:0 a.m.362 views

KLA11093 Arbitrary code execution vulnerabilities in Foxit Reader

Multiple serious vulnerabilities have been found in Foxit Reader and Foxit PhantomPDF. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user-supplied data in the saveAs Java script function can b...

8.8CVSS9.5AI score0.07152EPSS
Exploits2References6
Rows per page
Query Builder