12 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-17632
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-17632
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-17632
Foxit Reader 9.2.0.9297 is affected by CVE-2018-17632. The flaw lies in the resolveNode handling, where lack of validation of an object before operations leads to a use-after-free condition, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or openi...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-25197)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the processing of the resolveNode method of TimeField in Foxit Reader 9.2.0.9297 and...
Foxit Reader XFA resolveNode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
Foxit Reader XFA TimeField resolveNode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA...
CVE-2018-9955
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA...
CVE-2018-9955
Foxit Reader 9.0.1.1049 is affected by CVE-2018-9955. The vulnerability resides in the XFA Button resolveNode method and is due to not validating the existence of an object before performing operations, enabling remote code execution under the current process when a user opens a malicious file/pa...
Foxit Reader XFA Button resolveNode Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the XFA Button resolveNode method, which can be exploited by an attacker to execute arbitrary code in the context of the current process due to a lack of authentication...
Foxit Reader XFA Button resolveNode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA resolveNode...