5374 matches found
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Foxit Reader...
CVE-2010-20010
CVE-2010-20010 affects Foxit PDF Reader prior to 4.2.0.0928. The flaw is a buffer overflow in the /Title entry of the PDF Info dictionary, caused by not properly bound-checking an overlong Title string, which can corrupt the SEH chain and allow arbitrary code execution in the user context. Public...
CVE-2010-20010
Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler SEH chain, and lead to arbitrary code execution in t...
CVE-2010-20010 Foxit PDF Reader < 4.2.0.0928 Title Stack Buffer Overflow
Foxit PDF Reader before 4.2.0.0928 does not properly bound-check the /Title entry in the PDF Info dictionary. A specially crafted PDF with an overlong Title string can overflow a fixed-size stack buffer, corrupt the Structured Exception Handler SEH chain, and lead to arbitrary code execution in t...
CVE-2011-10030
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
CVE-2011-10030
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
CVE-2011-10030
Foxit PDF Reader before 4.3.1.0218 is affected by CVE-2011-10030 due to a JavaScript API function createDataObject() that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into priv...
CVE-2011-10030 Foxit PDF Reader < 4.3.1.0218 JavaScript File Write
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
Foxit PDF Reader 安全漏洞
Foxit PDF Reader is a PDF reader from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 4.3.1.0218, which stems from a JavaScript API function createDataObject that allows writing to arbitrary files, potentially resulting in code execution...
Foxit PDF Editor < 2025.2 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2025.2. It is, therefore affected by multiple vulnerabilities: - A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of ...
PT-2025-34127 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 4.2.0.0928 Description: Foxit PDF Reader does not correctly validate the /Title entry in the PDF Info dictionary. A specially crafted PDF document with an excessively long Title string can cause a fixed-size...
PT-2025-34111 · Undefined · Undefined
Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...
CVE-2025-32451
A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
Foxit Reader Memory Corruption Vulnerability (Aug 2025)
Foxit Reader is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:reader"...
CVE-2025-32451
A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2025-32451
A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2025-32451
A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2025-32451
Foxit Reader 2025.1.0.27937 is affected by CVE-2025-32451, a memory corruption vulnerability caused by an uninitialized pointer. Exploitation requires a user to open a specially crafted malicious PDF containing Javascript, or to visit a crafted malicious site if the browser plugin is enabled, pot...