Lucene search
FoxitsoftwareReader

259 matches found

CVE
added 2016/10/31 10:0 a.m. | 77 views

CVE-2016-8875

The CVE-2016-8875 entry concerns Foxit Reader and Foxit PhantomPDF (Windows) with the ConvertToPDF plugin. When the gflags utility is enabled, a specially crafted TIFF image can trigger an out-of-bounds read, causing a DoS (crash) in CreateFXPDFConvertor. This is associated with the ConvertToPDF_...

CVSS 5.3 | AI score 6.4 | EPSS 0.01093

CVE
added 2020/04/22 8:50 p.m. | 77 views

CVE-2020-10893

The CVE-2020-10893 issue affects Foxit PhantomPDF (and related components) where the U3D object handling in PDFs allows a write past the end of an allocated structure due to inadequate validation, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or...

CVSS 7.8 | AI score 7.8 | EPSS 0.04689

CVE
added 2020/04/22 8:51 p.m. | 77 views

CVE-2020-10904

CVE-2020-10904 affects Foxit PhantomPDF (and Foxit Reader components) with a flaw in U3D object handling in PDF files, allowing remote code execution via write past the end of an allocated object. The vulnerability requires user interaction (visiting a malicious page or opening a malicious file) ...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2018/10/08 4:0 p.m. | 76 views

CVE-2018-3940

CVE-2018-3940 concerns Foxit PDF Reader’s JavaScript engine. The issue is a use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 that can be triggered by a specially crafted PDF, allowing memory reuse of a previously freed object. An attacker must entice the user to open the malicious file...

CVSS 8.8 | AI score 7.9 | EPSS 0.02114

CVE
added 2018/10/02 9:0 p.m. | 76 views

CVE-2018-3944

CVE-2018-3944 is a use-after-free vulnerability in Foxit Software’s PDF Reader JavaScript engine (version 9.1.0.5096). A specially crafted PDF can trigger reuse of a freed object, leading to arbitrary code execution. Exploitation requires user interaction: the user must open the malicious PDF; if...

CVSS 8.8 | AI score 8.2 | EPSS 0.02577

CVE
added 2020/04/22 8:51 p.m. | 76 views

CVE-2020-10900

Foxit Reader/PhantomPDF 9.7.1.29511 on Windows is vulnerable to remote code execution via AcroForms processing. The root cause is a failure to validate an object’s existence before performing operations, effectively a use-after-free style flaw exposed when a user opens a malicious file or visits ...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2020/04/22 8:51 p.m. | 76 views

CVE-2020-10906

CVE-2020-10906 affects Foxit Reader/PhantomPDF (Windows) prior to 9.7.2. The flaw is in resetForm and stems from not validating the existence of an object before performing operations, enabling use-after-free that can lead to remote code execution. Exploitation requires user interaction (open a m...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2020/04/22 8:50 p.m. | 75 views

CVE-2020-10891

Foxit PhantomPDF 9.7.0.29478 is affected by a type confusion vulnerability in the Save command handling of the communication API. The flaw arises from improper validation of user-supplied data, enabling remote code execution when a user visits a malicious page or opens a malicious file (requires ...

CVSS 7.8 | AI score 7.9 | EPSS 0.04689

CVE
added 2018/10/02 9:0 p.m. | 74 views

CVE-2018-3961

CVE-2018-3961 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (version 9.1.0.5096). The flaw occurs when accessing the Creator property of the this.info object, enabling potentially arbitrary code execution. Exploitation vectors described in the connected Talos write-up ...

CVSS 8 | AI score 7.9 | EPSS 0.02361

CVE
added 2018/10/03 3:0 p.m. | 74 views

CVE-2018-3965

CVE-2018-3965 is a use-after-free in Foxit PDF Reader’s JavaScript engine (Foxit PDF Reader 9.1.0.5096). A specially crafted PDF can trigger reuse of freed memory, allowing arbitrary code execution. Exploitation requires user action (open the malicious PDF); if a browser plugin is enabled, visiti...

CVSS 8 | AI score 8.3 | EPSS 0.06043

CVE
added 2020/04/22 8:50 p.m. | 73 views

CVE-2020-10898

CVE-2020-10898 affects Foxit PhantomPDF (and Foxit Reader/3D Plugin U3DBrowser) 9.7.1.29511, due to improper validation in handling of U3D objects in PDF files. The flaw can lead to a read past the end of an allocated structure, enabling remote code execution in the context of the current process...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2020/04/22 8:51 p.m. | 73 views

CVE-2020-10903

CVE-2020-10903 affects Foxit PhantomPDF 9.7.1.29511, where U3D objects in PDFs are not properly validated, causing an out-of-bounds read that can disclose sensitive data. The issue requires user interaction (visiting a malicious page or opening a malicious file) and, in combination with other vul...

CVSS 4.3 | AI score 3.3 | EPSS 0.03377

CVE
added 2018/10/02 9:0 p.m. | 72 views

CVE-2018-3943

CVE-2018-3943 (Foxit Reader/PhantomPDF) is a use-after-free in Foxit’s PDF Reader JavaScript engine (Foxit Reader 9.1.0.5096). A crafted PDF can reuse a freed object, allowing arbitrary code execution. Exploitation requires user action (opening the malicious file); if a browser plugin extension is ...

CVSS 8.8 | AI score 8.2 | EPSS 0.02577

CVE
added 2020/04/22 8:50 p.m. | 72 views

CVE-2020-10895

CVE-2020-10895 affects Foxit PhantomPDF 9.7.1.29511 and its 3D/U3D handling in PDFs. The flaw stems from inadequate validation of user-supplied data, causing a read past the end of an allocated structure and enabling remote code execution in the context of the current process. User interaction is...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2020/06/04 4:52 p.m. | 71 views

CVE-2019-20830

Foxit Reader and Foxit PhantomPDF versions before 9.6 contain an out-of-bounds write when Internet Explorer is used (CVE-2019-20830). Connected sources confirm the affected products and the root cause, but do not provide explicit exploitation details, vectors, or remediation steps. No additional ...

CVSS 9.8 | AI score 9.5 | EPSS 0.01717

CVE
added 2020/08/19 8:55 p.m. | 71 views

CVE-2020-15637

The CVE-2020-15637 entry concerns Foxit PhantomPDF (and related Foxit products) with a use-after-free flaw in SetLocalDescription that can disclose sensitive information. Exploitation requires user interaction (visiting a malicious page or opening a malicious file) and is described as a local/vec...

CVSS 4.3 | AI score 3.8 | EPSS 0.04074

CVE
added 2019/01/30 10:0 p.m. | 70 views

CVE-2018-3956

CVE-2018-3956 is an out-of-bounds read/write vulnerability in Foxit Software’s PDF Reader/PhantomPDF related to handling of XFA element attributes. Affected products include Foxit Reader and Foxit PhantomPDF prior to version 9.4, with a specific reference to Foxit PDF Reader 9.1.0.5096. The vulne...

CVSS 7.1 | AI score 6.7 | EPSS 0.49566

CVE
added 2019/03/19 7:56 p.m. | 70 views

CVE-2019-6734

This CVE (CVE-2019-6734) concerns Foxit PhantomPDF/Reader components vulnerable via the JavaScript setInterval handling, leading to a use-after-free condition that can disclose memory content. Affected products are Foxit PhantomPDF (and Foxit Reader per CNVD/PRION references) with unspecified exa...

CVSS 6.5 | AI score 6.2 | EPSS 0.04203

CVE
added 2017/01/06 9:0 p.m. | 69 views

CVE-2016-8334

CVE-2016-8334 (Foxit PDF Reader JBIG2 parsing vulnerability) is a heap-based out-of-bounds read disclosed via JBIG2 symbol dictionary segments. A signed/unsigned state in the parser allows two chained segments to trigger different allocation paths based on the SDTEMPLATE value and the “bitmap cod...

CVSS 6.8 | AI score 3.5 | EPSS 0.18416

CVE
added 2016/10/31 10:0 a.m. | 69 views

CVE-2016-8878

Foxit Reader and Foxit PhantomPDF (Windows) prior to 8.1 are affected by an out-of-bounds read in the XFA data stream when the gflags utility is enabled, allowing remote code execution via a crafted BMP in a PDF. Impact listed as arbitrary code execution with high severity (CVSS v3: HIGH, 8.8). A...

CVSS 8.8 | AI score 8.7 | EPSS 0.0259

CVE
added 2018/10/02 9:0 p.m. | 69 views

CVE-2018-3957

Foxit PDF Reader 9.1.0.5096 contains a use-after-free in the JavaScript engine triggered by accessing the this.info Keywords property. An attacker can exploit this by convincing a user to open a malicious PDF file; if the browser plugin extension is enabled, visiting a malicious site may also tri...

CVSS 8 | AI score 7.9 | EPSS 0.02895

CVE
added 2020/04/22 8:50 p.m. | 69 views

CVE-2020-10890

Foxit PhantomPDF 9.7.0.29478 is affected by CVE-2020-10890 due to a flaw in the communication API’s ConvertToPDF command that allows an attacker-controlled data write to arbitrary files, enabling remote code execution in the context of the current process. Exploitation requires user interaction (...

CVSS 8.8 | AI score 8.8 | EPSS 0.0217

CVE
added 2020/04/22 8:50 p.m. | 69 views

CVE-2020-10894

The CVE-2020-10894 issue affects Foxit PhantomPDF 9.7.1.29511 (U3D object handling) and is caused by insufficient validation of user-supplied data, leading to a read past the end of an allocated object (out-of-bounds read). This enables remote information disclosure with user interaction required...

CVSS 4.3 | AI score 3.3 | EPSS 0.03284

CVE
added 2021/05/07 8:16 p.m. | 69 views

CVE-2021-31458

Foxit Reader 10.1.1.37576 is affected by a remote code execution vulnerability in the handling of Annotation objects. The issue arises from not validating the existence of an object before performing operations on it, allowing an attacker to run code in the current process context after the targe...

CVSS 7.8 | AI score 8.4 | EPSS 0.02755

CVE
added 2020/04/22 8:50 p.m. | 68 views

CVE-2020-10892

CVE-2020-10892 affects Foxit PhantomPDF (and Foxit Reader/PhantomPDF family) with a vulnerability in the API communication handling of the CombineFiles command. The flaw allows an attacker to write an arbitrary file with data under attacker control, enabling remote code execution in the context o...

CVSS 8.8 | AI score 8.8 | EPSS 0.0217

CVE
added 2018/10/03 3:0 p.m. | 67 views

CVE-2018-3946

CVE-2018-3946: A use-after-free in Foxit PDF Reader’s JavaScript engine (version 9.1.0.5096) allows arbitrary code execution. A specially crafted PDF can reuse a freed memory object, enabling exploitation. User interaction is required: the attacker must persuade the user to open a malicious PDF;...

CVSS 8.8 | AI score 8.2 | EPSS 0.03155

CVE
added 2020/04/22 8:51 p.m. | 67 views

CVE-2020-10911

CVE-2020-10911 affects Foxit PhantomPDF (and Foxit Reader/PhantomPDF family in some sources) with a type-confusion flaw in the GetFieldValue handling of the communication API that enables remote code execution. Exploitation requires user interaction (e.g., opening a malicious file/page). The vuln...

CVSS 7.8 | AI score 7.9 | EPSS 0.04689

CVE
added 2018/10/02 9:0 p.m. | 66 views

CVE-2018-3960

CVE-2018-3960 is a use-after-free in Foxit PDF Reader’s JavaScript engine (version 9.1.0.5096). The vulnerability occurs when accessing the Producer property of the this.info object. Exploitation depends on social/drive-by user action: a user must open a specially crafted malicious PDF file, or, ...

CVSS 8 | AI score 7.9 | EPSS 0.02361

CVE
added 2020/04/22 8:51 p.m. | 66 views

CVE-2020-10910

CVE-2020-10910 affects Foxit PhantomPDF/Reader (notably PhantomPDF 9.7.0.29478; CNVD/ZDI notes 9.7.1.29511 and earlier) where the RotatePage command handling in the communication API is vulnerable to a type confusion caused by insufficient validation of user-supplied data. This allows remote code...

CVSS 7.8 | AI score 7.9 | EPSS 0.04787

CVE
added 2021/01/07 4:58 p.m. | 65 views

CVE-2018-20311

CVE-2018-20311 affects Foxit Reader before 9.5 and Foxit PhantomPDF before 8.3.10 and 9.x before 9.5. The issue is a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read. The description does not specify affected versions beyond those ranges or expl...

CVSS 8.1 | AI score 8.1 | EPSS 0.00816

CVE
added 2018/10/08 4:0 p.m. | 65 views

CVE-2018-3941

CVE-2018-3941 describes a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine affecting version 9.1.0.5096. A specially crafted PDF can trigger reuse of a previously freed object in memory, enabling arbitrary code execution. Exploitation requires the user to open a malicious file...

CVSS 8.8 | AI score 8.3 | EPSS 0.03155

CVE
added 2020/04/22 8:50 p.m. | 65 views

CVE-2020-10889

Foxit PhantomPDF 9.7.0.29478 is affected by CVE-2020-10889. The issue lies in the DuplicatePages command handling within the communication API, caused by improper validation of user-supplied data leading to a type confusion. This allows remote code execution in the context of the current process ...

CVSS 7.8 | AI score 7.9 | EPSS 0.04689

CVE
added 2020/04/22 8:50 p.m. | 65 views

CVE-2020-10897

CVE-2020-10897 affects Foxit PhantomPDF 9.7.1.29511. The flaw is in PDF U3D object handling where inadequate validation allows a write past the end of an allocated object, enabling code execution in the current process. User interaction is required (malicious page or file). Root cause and impact ...

CVSS 7.8 | AI score 7.8 | EPSS 0.04787

CVE
added 2018/10/03 3:0 p.m. | 64 views

CVE-2018-3966

CVE-2018-3966 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (version 9.1.0.5096) that can be triggered by opening a specially crafted PDF or, if the browser plugin is enabled, by viewing the document in a web browser. The vulnerability allows arbitrary code execution d...

CVSS 8 | AI score 8.3 | EPSS 0.06219

CVE
added 2018/10/03 3:0 p.m. | 64 views

CVE-2018-3967

Foxit PDF Reader 9.1.0.5096 contains a use-after-free in the JavaScript engine. A specially crafted PDF can cause a previously freed object to be reused, enabling arbitrary code execution. Exploitation requires user action (opening the crafted file); if the browser plugin is enabled, visiting a m...

CVSS 8 | AI score 8.3 | EPSS 0.06219

CVE
added 2021/05/07 8:16 p.m. | 64 views

CVE-2021-31456

CVE-2021-31456 affects Foxit Reader 10.1.1.37576 and describes remote code execution via the handling of Annotation objects. The root cause is the lack of validating the existence of an object before performing operations on it, enabling an attacker to run code in the context of the current proce...

CVSS 7.8 | AI score 8.4 | EPSS 0.02755

CVE
added 2021/05/07 8:16 p.m. | 64 views

CVE-2021-31460

CVE-2021-31460 is a Foxit Reader 10.1.1.37576 remote code execution vulnerability. The flaw occurs in XFA template processing and stems from not validating the existence of an object before performing operations on it, enabling code execution in the attacker’s context after user interaction (e.g....

CVSS 7.8 | AI score 8.4 | EPSS 0.02755

CVE
added 2021/01/07 5:3 p.m. | 63 views

CVE-2018-20313

Foxit Reader before 9.5 and PhantomPDF before 8.3.10 and 9.x before 9.5 are affected by a race condition in proxyPreviewAction that can cause a stack-based buffer overflow or an out-of-bounds read. The vulnerability is due to improper synchronization in the proxy action handling, enabling memory ...

CVSS 8.1 | AI score 8.1 | EPSS 0.00816

CVE
added 2018/10/02 9:0 p.m. | 63 views

CVE-2018-3958

CVE-2018-3958 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (Foxit PDF Reader, version 9.1.0.5096). The defect occurs when accessing the Subject property of the this.info object. Exploitation requires user interaction: convincing a user to open a malicious PDF file, or...

CVSS 8 | AI score 7.9 | EPSS 0.02895

CVE
added 2018/10/02 9:0 p.m. | 63 views

CVE-2018-3959

CVE-2018-3959 affects Foxit PDF Reader 9.1.0.5096. It is a use-after-free in the JavaScript engine triggered when accessing the this.info.Author property, exploitable by tricking a user into opening a malicious PDF or via a browser plugin. Cisco Talos describes it as enabling remote code executio...

CVSS 8 | AI score 7.9 | EPSS 0.02361

CVE
added 2020/09/04 3:31 a.m. | 63 views

CVE-2020-11493

CVE-2020-11493 affects Foxit Reader and PhantomPDF prior to 10.0.1 and 9.7.3 respectively. The issue stems from a direct transformation from a PDF Object to a Stream without adequately handling a crafted XObject, allowing an uninitialized object to leak sensitive information. The result is an inf...

CVSS 8.1 | AI score 7.6 | EPSS 0.00932

CVE
added 2019/01/24 4:0 a.m. | 62 views

CVE-2018-17691

CVE-2018-17691 affects Foxit PhantomPDF (9.2.0.9297 and likely earlier); the issue arises in the HTML-to-PDF conversion when the software fails to validate an object’s existence before performing operations. This use-after-free style flaw enables remote code execution with the attacker hosting a ...

CVSS 8.8 | AI score 8.8 | EPSS 0.03855

CVE
added 2018/10/08 4:0 p.m. | 62 views

CVE-2018-3945

Foxit PDF Reader (Windows) is vulnerable to CVE-2018-3945 through a use-after-free in the JavaScript engine of Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF can trigger reuse of a previously freed object, enabling arbitrary code execution when a user opens the malicious file. Several ...

CVSS 8.8 | AI score 8.3 | EPSS 0.03197

CVE
added 2018/10/03 3:0 p.m. | 62 views

CVE-2018-3964

CVE-2018-3964 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (version 9.1.0.5096) that can be triggered by a specially crafted PDF. The vulnerability allows an attacker to cause arbitrary code execution by reusing freed memory when JavaScript objects are manipulated, wi...

CVSS 8 | AI score 8.3 | EPSS 0.09482

CVE
added 2020/04/22 8:50 p.m. | 62 views

CVE-2020-10896

CVE-2020-10896 affects Foxit PhantomPDF (including the 3D U3DBrowser plugin) and specifically targets the processing of U3D objects in PDF files. The issue is a heap-based buffer overflow caused by insufficient validation of the length of user-supplied data, allowing arbitrary code execution in t...

CVSS 7.8 | AI score 7.8 | EPSS 0.04689

CVE
added 2018/10/29 10:0 p.m. | 61 views

CVE-2018-17621

Foxit Reader 9.0.1.5096 is affected by CVE-2018-17621. The flaw affects the handling of Format events and stems from not validating the existence of an object before performing operations, enabling remote code execution. Exploitation requires user interaction (visiting a malicious page or opening...

CVSS 8.8 | AI score 7.8 | EPSS 0.0358

CVE
added 2021/01/07 4:54 p.m. | 61 views

CVE-2018-20309

CVE-2018-20309 affects Foxit Reader prior to 9.5 and PhantomPDF prior to 8.3.10, plus 9.x builds prior to 9.5. The issue is a race condition in the proxyGetAppEdition path that can cause a stack-based buffer overflow or an out-of-bounds read. Impact is described in the CVE as memory corruption wi...

CVSS 8.1 | AI score 8.1 | EPSS 0.00816

CVE
added 2020/06/04 4:30 p.m. | 61 views

CVE-2018-21240

CVE-2018-21240 affects Foxit Reader and PhantomPDF prior to version 9.2. The issue is a memory consumption flaw triggered by an ArrayBuffer(0xfffffffe) call in these products. Root cause is a memory handling vulnerability leading to resource exhaustion. Impact is partial availability degradation ...

CVSS 7.5 | AI score 7.5 | EPSS 0.01044

CVE
added 2018/05/24 9:0 p.m. | 61 views

CVE-2018-5680

CVE-2018-5680 affects Foxit Reader prior to 9.1 and Foxit PhantomPDF prior to 9.1. The vulnerability arises in the processing of specially crafted PDF files that contain embedded u3d images, due to insufficient validation of user-supplied data which can cause a read past the end of an allocated o...

CVSS 8.8 | AI score 8.6 | EPSS 0.03371

CVE
added 2020/04/22 8:51 p.m. | 61 views

CVE-2020-10905

CVE-2020-10905 affects Foxit PhantomPDF 9.7.1.29511. The issue is an out-of-bounds read in U3D vertex handling due to insufficient validation, requiring user interaction (malicious page/file) and potentially enabling code execution when combined with other vulnerabilities. Multiple sources (ZDI-2...

CVSS 4.3 | AI score 3.3 | EPSS 0.03377

Total number of security vulnerabilities: 259