CVE-2021-45978

Foxit PDF Reader and PDF Editor for macOS is affected in versions before 11.1. The root cause is misuse of the XFA API via xfa.host.gotoURL in the XFA implementation, enabling arbitrary code execution. CVSS details in sources indicate high impact (C/H/I/H; LOCAL exploit with UI requirement per CV...

Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...

Foxit Reader command injection(CVE-2017-10951)and file writing Vulnerability(CVE-2017-10952)

A tale about Foxit Reader - Safe Reading mode and other vulnerabilities Some days ago someone send me the following link, which describes two vulnerabilities in Foxit Reader: http://thehackernews.com/2017/08/two-critical-zero-day-flaws-disclosed.html These two vulnerabilities are similar to the...