10 matches found
CVE-2016-8334
CVE-2016-8334 (Foxit PDF Reader JBIG2 parsing vulnerability) is a heap-based out-of-bounds read disclosed via JBIG2 symbol dictionary segments. A signed/unsigned state in the parser allows two chained segments to trigger different allocation paths based on the SDTEMPLATE value and the “bitmap cod...
CVE-2019-6734
This CVE (CVE-2019-6734) concerns Foxit PhantomPDF/Reader components vulnerable via the JavaScript setInterval handling, leading to a use-after-free condition that can disclose memory content. Affected products are Foxit PhantomPDF (and Foxit Reader per CNVD/PRION references) with unspecified exa...
CVE-2019-6733
CVE-2019-6733 affects Foxit PhantomPDF (PDF handling). The issue is an out-of-bounds read from improper validation of user-supplied data in PDF processing, which can disclose sensitive information. It is exploitable via remote interaction when a user opens a malicious page/file, and an attacker m...
CVE-2016-8879
CVE-2016-8879 affects Foxit Reader and Foxit PhantomPDF prior to 8.1 on Windows. The issue lies in the thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) where a crafted JPEG2000 image embedded in a PDF can trigger an out-of-bounds write, causing an application crash and a denial-of-s...
CVE-2018-17622
CVE-2018-17622 affects Foxit Reader 9.1.0.5096 (Windows). The issue is a buffer over-read in handling Calculate events caused by improper validation of user-supplied data, allowing remote attackers to disclose sensitive information and potentially execute code in the context of the current proces...
CVE-2019-6732
Foxit PhantomPDF (and Foxit Reader) is affected by CVE-2019-6732 due to improper validation in AFParseDateEx, causing an out-of-bounds read that can disclose sensitive information. The vulnerability requires user interaction (visiting a malicious page or opening a malicious file) and can be trigg...
CVE-2019-6728
The CVE-2019-6728 issue affects Foxit Reader (PDF processing path) and is due to an out-of-bounds read caused by inadequate validation of user-supplied data, resulting in a read past the end of an allocated buffer. This vulnerability can disclose sensitive information and, in conjunction with oth...
CVE-2019-6735
CVE-2019-6735 affects Foxit Reader. A vulnerability in PDF file processing causes an out-of-bounds read due to lack of proper validation of user-supplied data, potentially disclosing sensitive information. Exploitation requires user interaction (visiting a malicious page or opening a malicious fi...
CVE-2018-17699
The CVE-2018-17699 issue affects Foxit Reader 9.2.0.9297 and earlier on Windows, where the PDF processing path fails to validate user-supplied data, causing an out-of-bounds read (read past the end of an allocated buffer). This enables remote information disclosure and, when combined with other v...
CVE-2018-17686
CVE-2018-17686 affects Foxit Reader (Windows) with a BMP image processing flaw. The connected advisories describe an out-of-bounds read in the BMP handling that can disclose sensitive information, requiring user interaction (e.g., visiting a malicious page or opening a malicious file). The vulner...