10 matches found
Foxit Reader append method remote code execution vulnerability
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A security vulnerability exists in the append method of the XFA Node object in Foxit Reader version 8.3.1.21155, which is caused by the program failing to properly validate user-submitted data. A remote attacker can...
CVE-2017-14827
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-14826
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-14827
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Type confusion
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Type confusion
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-14827
CVE-2017-14827 affects Foxit Reader 8.3.1.21155 where the append method of XFA Node objects fails to properly validate user-supplied data, causing a type-confusion vulnerability that enables remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a mali...
CVE-2017-14827
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Reader XFA Nodes formNodes Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the formNodes metho...
KLA11162 Multiple vulnerabilities in Foxit Reader
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An out-of-bounds read vulnerability in the tile index member of SOT marke...