CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2018/10/08 4:29 p.m.•14 views

CVE-2018-16293

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

7.8CVSS7.7AI score0.00546EPSS

Prion•added 2018/10/08 4:29 p.m.•9 views

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...

6.8CVSS8.5AI score0.07272EPSS

Exploits1References3Affected Software2

NVD•added 2018/10/08 4:29 p.m.•10 views

CVE-2018-16292

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

7.8CVSS7.7AI score0.00546EPSS

Prion•added 2018/10/08 4:29 p.m.•17 views

Design/Logic Flaw

6.8CVSS7.7AI score0.00546EPSS

CVE•added 2018/10/08 4:0 p.m.•47 views

CVE-2018-16291

CVE-2018-16291 affects Foxit Reader and Foxit PhantomPDF prior to version 9.3, where a use-after-free in the JavaScript engine can be triggered by a specially crafted PDF to execute arbitrary code. The vulnerability can be exploited when a user opens a malicious PDF file; if the browser plugin is...

Cvelist•added 2018/10/08 4:0 p.m.•15 views

CVE-2018-16296

CVE•added 2018/10/08 4:0 p.m.•49 views

CVE-2018-16293

CVE-2018-16293 is a use-after-free vulnerability in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3. A specially crafted PDF can trigger a previously freed object to be reused, leading to arbitrary code execution. An attacker must entice a user to open the malicious PDF...

Cvelist•added 2018/10/08 4:0 p.m.•18 views

CVE-2018-3942

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Cvelist•added 2018/10/08 4:0 p.m.•18 views

CVE-2018-16294

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

CVE•added 2018/10/08 4:0 p.m.•39 views

CVE-2018-16296

Technical details about CVE-2018-16296 are not present in the provided connected documents. The supplied sources do not specify affected products/versions, impact, or remediation. Monitor for updates from official sources.

CVE•added 2018/10/08 4:0 p.m.•42 views

CVE-2018-16292

Summary of CVE-2018-16292 (Foxit Reader/PhantomPDF) : A use-after-free vulnerability in the JavaScript engine of Foxit Reader (before 9.3) and PhantomPDF (before 9.3) can be triggered by a specially crafted PDF to reuse a previously freed object, enabling arbitrary code execution. An attacker mus...

Cvelist•added 2018/10/08 4:0 p.m.•11 views

CVE-2018-3940

8CVSS8.5AI score0.07272EPSS

Cvelist•added 2018/10/08 4:0 p.m.•17 views

CVE-2018-16291

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

Cvelist•added 2018/10/08 4:0 p.m.•18 views

CVE-2018-16292

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can...

Cvelist•added 2018/10/08 4:0 p.m.•13 views

CVE-2018-3996

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Cvelist•added 2018/10/08 4:0 p.m.•13 views

CVE-2018-3941

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

Cvelist•added 2018/10/08 4:0 p.m.•15 views

CVE-2018-3945

CVE•added 2018/10/08 4:0 p.m.•46 views

CVE-2018-16297

CVE-2018-16297 is a use-after-free in Foxit Reader/PhantomPDF’s JavaScript engine prior to 9.3. A specially crafted PDF can trigger object reuse for arbitrary code execution; user must open the file (or, with a browser plugin, visiting a malicious site could trigger it). Affected products: Foxit ...