Foxit Reader@* Security Vulnerabilities and Issues — Page 2 of Foxit Reader@* CVE List

Lucene search

FoxitsoftwareFoxit Reader*

281 matches found

CVE•added 2019/06/03 7:29 p.m.•52 views

CVE-2019-6767

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the remov...

7.8CVSS7.8AI score0.00609EPSS

CVE•added 2020/10/13 5:15 p.m.•52 views

CVE-2020-17414

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

7.8CVSS7.6AI score0.00068EPSS

CVE•added 2018/07/31 8:29 p.m.•51 views

CVE-2018-14292

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

8.8CVSS8.8AI score0.00345EPSS

CVE•added 2019/06/03 7:29 p.m.•51 views

CVE-2019-6762

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the c...

7.8CVSS7.8AI score0.00609EPSS

CVE•added 2019/06/03 7:29 p.m.•51 views

CVE-2019-6766

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

5.5CVSS5.5AI score0.00647EPSS

CVE•added 2019/06/03 7:29 p.m.•51 views

CVE-2019-6769

7.8CVSS7.8AI score0.00609EPSS

CVE•added 2020/10/02 8:15 a.m.•51 views

CVE-2020-26540

An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.

7.5CVSS7.6AI score0.00007EPSS

CVE•added 2015/03/30 2:59 p.m.•50 views

CVE-2015-2790

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

4.3CVSS7AI score0.5448EPSS

CVE•added 2016/04/22 3:59 p.m.•50 views

CVE-2016-4065

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.

7.8CVSS7.2AI score0.00266EPSS

CVE•added 2018/07/31 8:29 p.m.•50 views

CVE-2018-14252

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getFie...

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•50 views

CVE-2018-14258

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/05/17 3:29 p.m.•50 views

CVE-2018-9981

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

8.8CVSS8.8AI score0.00345EPSS

CVE•added 2019/06/03 7:29 p.m.•50 views

CVE-2019-6758

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Con...

5.5CVSS5.5AI score0.00635EPSS

CVE•added 2019/06/03 7:29 p.m.•50 views

CVE-2019-6768

7.8CVSS7.8AI score0.0062EPSS

CVE•added 2020/12/15 1:15 p.m.•50 views

CVE-2020-28203

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).

5.5CVSS6AI score0.00022EPSS

CVE•added 2021/05/07 9:15 p.m.•50 views

CVE-2021-31451

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2018/07/31 8:29 p.m.•49 views

CVE-2018-14285

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•49 views

CVE-2018-14291

8.8CVSS8.8AI score0.00345EPSS

CVE•added 2018/05/17 3:29 p.m.•49 views

CVE-2018-9947

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2019/06/03 7:29 p.m.•49 views

CVE-2019-6757

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPD...

7.8CVSS7.8AI score0.0062EPSS

CVE•added 2020/10/13 5:15 p.m.•49 views

CVE-2020-17415

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the hand...

7.8CVSS7.6AI score0.00068EPSS

CVE•added 2021/03/30 3:15 p.m.•49 views

CVE-2021-27261

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ha...

7.8CVSS7.8AI score0.04567EPSS

CVE•added 2021/05/07 9:15 p.m.•49 views

CVE-2021-31455

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2010/04/05 3:30 p.m.•48 views

CVE-2010-1239

Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836.

9.3CVSS7.1AI score0.1077EPSS

CVE•added 2018/02/07 5:29 p.m.•48 views

CVE-2016-6169

Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafted PDF file.

7.8CVSS8.1AI score0.00377EPSS

CVE•added 2018/05/17 3:29 p.m.•48 views

CVE-2018-10490

8.8CVSS8.8AI score0.00474EPSS

CVE•added 2018/05/17 3:29 p.m.•48 views

CVE-2018-10495

8.8CVSS8.8AI score0.00235EPSS

CVE•added 2019/06/03 7:29 p.m.•48 views

CVE-2019-6763

7.8CVSS7.8AI score0.00609EPSS

CVE•added 2019/06/03 7:29 p.m.•48 views

CVE-2019-6765

7.8CVSS7.7AI score0.00758EPSS

CVE•added 2019/06/03 7:29 p.m.•48 views

CVE-2019-6770

5.5CVSS5.5AI score0.00647EPSS

CVE•added 2021/03/30 3:15 p.m.•48 views

CVE-2021-27264

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

4.3CVSS3.8AI score0.03774EPSS

CVE•added 2021/03/30 3:15 p.m.•48 views

CVE-2021-27269

7.8CVSS7.8AI score0.04567EPSS

CVE•added 2012/08/23 3:55 p.m.•47 views

CVE-2012-4337

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.

9.3CVSS7.7AI score0.00754EPSS

CVE•added 2015/05/01 3:59 p.m.•47 views

CVE-2015-3632

Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.

4.3CVSS6.9AI score0.06754EPSS

CVE•added 2016/04/22 3:59 p.m.•47 views

CVE-2016-4060

Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

7.5CVSS7.2AI score0.00134EPSS

CVE•added 2016/04/22 3:59 p.m.•47 views

CVE-2016-4061

Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream.

7.5CVSS7.1AI score0.00168EPSS

CVE•added 2017/05/03 5:59 a.m.•47 views

CVE-2017-8453

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document.

8.8CVSS8.8AI score0.01208EPSS

CVE•added 2018/07/31 8:29 p.m.•47 views

CVE-2018-11618

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/05/17 3:29 p.m.•47 views

CVE-2018-1173

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/05/17 3:29 p.m.•47 views

CVE-2018-1177

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•47 views

CVE-2018-14255

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•47 views

CVE-2018-14308

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/20 12:29 p.m.•47 views

CVE-2018-14442

Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.

9.8CVSS9.5AI score0.05653EPSS

CVE•added 2021/05/07 9:15 p.m.•47 views

CVE-2021-31453

7.8CVSS8.4AI score0.02166EPSS

CVE•added 2021/08/11 10:15 p.m.•47 views

CVE-2021-38569

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.

7.5CVSS7.5AI score0.00018EPSS

CVE•added 2021/08/11 10:15 p.m.•47 views

CVE-2021-38572

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated.

9.8CVSS9.3AI score0.00023EPSS

CVE•added 2018/05/17 3:29 p.m.•46 views

CVE-2018-1180

8.8CVSS8.8AI score0.00387EPSS

CVE•added 2018/07/31 8:29 p.m.•46 views

CVE-2018-14247

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•46 views

CVE-2018-14254

8.8CVSS8.8AI score0.00264EPSS

CVE•added 2018/07/31 8:29 p.m.•46 views

CVE-2018-14275