Lucene search

K
FoxitsoftwareReader

259 matches found

CVE
CVE
added 2018/10/02 9:29 p.m.63 views

CVE-2018-3944

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...

8.8CVSS8.2AI score0.003EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.63 views

CVE-2020-10900

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the process...

7.8CVSS7.8AI score0.03065EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.63 views

CVE-2020-10904

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.63 views

CVE-2020-10906

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetFo...

7.8CVSS7.8AI score0.03065EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.63 views

CVE-2020-10908

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.62 views

CVE-2020-10891

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.61 views

CVE-2020-10898

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.61 views

CVE-2020-10912

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2016/10/31 10:59 a.m.60 views

CVE-2016-8875

The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in...

5.3CVSS6.4AI score0.00088EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.60 views

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.3AI score0.11393EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.60 views

CVE-2020-10895

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS
CVE
CVE
added 2019/01/30 10:29 p.m.59 views

CVE-2018-3956

An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when co...

7.1CVSS6.7AI score0.11084EPSS
CVE
CVE
added 2017/01/06 9:59 p.m.58 views

CVE-2016-8334

A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR.

6.8CVSS3.5AI score0.13461EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.58 views

CVE-2018-3943

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...

8.8CVSS8.2AI score0.003EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.57 views

CVE-2018-3957

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Keywords property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this v...

8CVSS7.9AI score0.0022EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.57 views

CVE-2018-3961

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Creator property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vu...

8CVSS7.9AI score0.06944EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.57 views

CVE-2020-10890

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the com...

8.8CVSS8.8AI score0.01624EPSS
CVE
CVE
added 2020/08/20 1:17 a.m.57 views

CVE-2020-15637

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.8AI score0.00897EPSS
CVE
CVE
added 2021/01/07 6:15 p.m.56 views

CVE-2018-20315

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1CVSS8.1AI score0.00026EPSS
CVE
CVE
added 2018/10/03 3:29 p.m.56 views

CVE-2018-3946

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to...

8.8CVSS8.2AI score0.00268EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.56 views

CVE-2020-10892

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the com...

8.8CVSS8.8AI score0.01624EPSS
CVE
CVE
added 2021/05/07 9:15 p.m.56 views

CVE-2021-31456

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.00411EPSS
CVE
CVE
added 2021/05/07 9:15 p.m.56 views

CVE-2021-31458

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.00411EPSS
CVE
CVE
added 2018/10/08 4:29 p.m.55 views

CVE-2018-3940

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger.

8.8CVSS7.9AI score0.02803EPSS
CVE
CVE
added 2018/10/03 3:29 p.m.54 views

CVE-2018-3966

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8CVSS8.3AI score0.15916EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.54 views

CVE-2020-10911

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.53 views

CVE-2018-3960

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Producer property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this v...

8CVSS7.9AI score0.06944EPSS
CVE
CVE
added 2019/03/21 4:1 p.m.53 views

CVE-2019-6734

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handl...

6.5CVSS6.2AI score0.00982EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.53 views

CVE-2020-10910

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2021/05/07 9:15 p.m.53 views

CVE-2021-31460

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the proces...

7.8CVSS8.4AI score0.00411EPSS
CVE
CVE
added 2021/01/07 5:15 p.m.52 views

CVE-2018-20311

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1CVSS8.1AI score0.00026EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.52 views

CVE-2018-3958

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Subject property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vu...

8CVSS7.9AI score0.0022EPSS
CVE
CVE
added 2018/10/03 3:29 p.m.52 views

CVE-2018-3964

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8CVSS8.3AI score0.16041EPSS
CVE
CVE
added 2018/10/03 3:29 p.m.52 views

CVE-2018-3967

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8CVSS8.3AI score0.16041EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.52 views

CVE-2020-10889

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.9AI score0.00374EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.52 views

CVE-2020-10896

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.52 views

CVE-2020-10897

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...

7.8CVSS7.8AI score0.0284EPSS
CVE
CVE
added 2021/05/07 9:15 p.m.52 views

CVE-2021-31459

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS8.4AI score0.00411EPSS
CVE
CVE
added 2018/10/08 4:29 p.m.51 views

CVE-2018-3941

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8.8CVSS8.3AI score0.00268EPSS
CVE
CVE
added 2018/10/08 4:29 p.m.51 views

CVE-2018-3945

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the u...

8.8CVSS8.3AI score0.00271EPSS
CVE
CVE
added 2018/10/02 9:29 p.m.50 views

CVE-2018-3959

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Author property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this vul...

8CVSS7.9AI score0.06944EPSS
CVE
CVE
added 2018/05/24 9:29 p.m.50 views

CVE-2018-5680

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

8.8CVSS8.6AI score0.01776EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.50 views

CVE-2020-10899

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the process...

7.8CVSS7.8AI score0.03065EPSS
CVE
CVE
added 2020/04/22 9:15 p.m.50 views

CVE-2020-10905

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.3AI score0.11393EPSS
CVE
CVE
added 2019/01/24 4:29 a.m.49 views

CVE-2018-17691

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the co...

8.8CVSS8.8AI score0.00566EPSS
CVE
CVE
added 2020/06/04 5:15 p.m.48 views

CVE-2019-20837

An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures.

7.5CVSS7.5AI score0.00007EPSS
CVE
CVE
added 2016/10/31 10:59 a.m.47 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return valu...

8.8CVSS8.7AI score0.00361EPSS
CVE
CVE
added 2021/01/07 6:15 p.m.47 views

CVE-2018-20313

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1CVSS8.1AI score0.00026EPSS
CVE
CVE
added 2020/06/04 5:15 p.m.47 views

CVE-2018-21239

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.

5.3CVSS5.2AI score0.0001EPSS
CVE
CVE
added 2018/10/08 4:29 p.m.47 views

CVE-2018-3997

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the ...

8.8CVSS8.3AI score0.00271EPSS
Total number of security vulnerabilities259