Foxit Reader Security Vulnerabilities and Issues — Page 7 of Foxit Reader CVE List

8.8CVSS8.8AI score0.00557EPSS

CVE-2018-9935

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addFi...

CVE-2018-9952

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-9955

CVE-2018-9976

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

CVE-2018-9979

CVE-2018-9983

CVE•added 2019/01/03 11:29 p.m.•39 views

CVE-2019-5005

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. They allowed Denial of Service (application crash) via image data, because two bytes are written to the end of the allocated memory without judging whether this will cause corruption.

5.5CVSS5.9AI score0.0008EPSS

CVE•added 2021/03/30 3:15 p.m.•39 views

CVE-2021-27266

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.03774EPSS

6.5CVSS6.5AI score0.00412EPSS

CVE-2018-10485

CVE-2018-14241

CVE-2018-14251

CVE-2018-14263

CVE-2018-14274

CVE-2018-14315

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2018-9939

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

8.8CVSS8.8AI score0.00345EPSS

CVE-2018-9960

8.8CVSS8.8AI score0.00345EPSS

CVE-2018-9961

CVE•added 2021/05/07 9:15 p.m.•38 views

CVE-2021-31442

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.8AI score0.01606EPSS

CVE•added 2011/02/25 7:0 p.m.•37 views

CVE-2011-0332

Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.

9.3CVSS8.2AI score0.01992EPSS

CVE-2018-10476

8.8CVSS8.8AI score0.00474EPSS

CVE-2018-10477

CVE-2018-10478

CVE-2018-10487

CVE-2018-10492

CVE-2018-14249

CVE-2018-14269

CVE-2018-14270

CVE-2018-14284

CVE-2018-14306

CVE•added 2018/11/17 9:29 p.m.•37 views

CVE-2018-19343

The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read), obtain sensitive information, or possibly have unspecified other impact via a U3D sample because of a "Data from Faulting...

7.1CVSS8AI score0.00071EPSS

CVE•added 2018/11/17 9:29 p.m.•37 views

CVE-2018-19347

The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Data from Faulting Address controls Branch Selection starti...

7.1CVSS7.2AI score0.00071EPSS

8.8CVSS8.8AI score0.00474EPSS

CVE-2018-9949

CVE-2018-9953

CVE-2018-9966

CVE-2018-9967

CVE-2018-9969

6.5CVSS6.5AI score0.00412EPSS

CVE-2018-9972

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Co...

8.8CVSS8.8AI score0.00543EPSS

CVE-2018-9974

CVE•added 2021/08/11 8:15 p.m.•37 views

CVE-2021-33794

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.

9.1CVSS8.7AI score0.00027EPSS

CVE•added 2023/11/27 4:15 p.m.•37 views

CVE-2023-41257

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker need...

8.8CVSS8.8AI score0.00007EPSS

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14244

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14271

CVE•added 2018/07/31 8:29 p.m.•36 views

CVE-2018-14305

CVE•added 2018/11/20 9:29 p.m.•36 views

CVE-2018-19390

FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (Break instruction exception and application crash) via TIFF data because of a ConvertToPDF_x86!ConnectedPDF::ConnectedPDFSDK::FCP_SendEmailNotification issue.

5.5CVSS6.1AI score0.0004EPSS

CVE-2018-9943

CVE-2018-9945

CVE-2018-9956