24 matches found
CVE-2018-17655
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-17654
Foxit Reader on Windows (versions up to 9.2.0.9297) is affected by a vulnerability in the XFA Form Model insertInstance handling. The flaw is a use-after-free due to lack of validating object existence before operations, enabling remote code execution if a user opens a malicious file or visits a ...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-24463)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory error vulnerability exists in the handling of the moveInstance method of the Form object in Foxit Reader 9.2.0.9297 and...
Foxit Reader XFA Form Model insertInstance Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...