Lucene search
+L
FoxitsoftwareReader

10 matches found

CVE
CVE
added 2020/06/04 4:52 p.m.74 views

CVE-2019-20830

Foxit Reader and Foxit PhantomPDF versions before 9.6 contain an out-of-bounds write when Internet Explorer is used (CVE-2019-20830). Connected sources confirm the affected products and the root cause, but do not provide explicit exploitation details, vectors, or remediation steps. No additional ...

9.8CVSS9.5AI score0.01717EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.57 views

CVE-2018-17608

Foxit PhantomPDF and Foxit Reader prior to version 9.3 are affected by CVE-2018-17608, where mishandling of Annotation object properties can enable a remote attacker to execute arbitrary code or cause a denial of service (use-after-free). Impact is described as high/critical across CERT/NVD data:...

9.8CVSS9.3AI score0.03176EPSS
CVE
CVE
added 2020/06/04 4:55 p.m.57 views

CVE-2019-20827

CVE-2019-20827 affects Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3, with a stack-consumption issue arising from interaction between ICC-Based color space and Alternate color space. The NVD score indicates high severity (CVSS v3.1: 9.8, network exploit, no user interaction). No ex...

9.8CVSS9.4AI score0.01717EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.56 views

CVE-2018-17609

Foxit PhantomPDF and Foxit Reader prior to 9.3 are affected by CVE-2018-17609. The issue stems from mishandling properties of Annotation objects, enabling a use-after-free vulnerability that can lead to remote code execution or denial of service. Reported with CVSS v3.0 base score 9.8 (CRITICAL) ...

9.8CVSS9.3AI score0.03176EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.56 views

CVE-2018-17610

Foxit PhantomPDF and Foxit Reader are affected by CVE-2018-17610, with the vulnerability exploitable in versions before 9.3. The issue arises from how properties of Annotation objects are mishandled, enabling remote attackers to execute arbitrary code or cause a denial of service (use-after-free)...

9.8CVSS9.3AI score0.03176EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.54 views

CVE-2018-17611

CVE-2018-17611 affects Foxit PhantomPDF and Foxit Reader prior to 9.3. The issue is a use-after-free related to mishandling properties of Annotation objects, with remote code execution or denial of service as described by NVD. The provided connected documents corroborate the affected products and...

9.8CVSS9.3AI score0.03176EPSS
CVE
CVE
added 2020/06/04 3:36 p.m.54 views

CVE-2020-13814

Foxit Reader and PhantomPDF are affected by CVE-2020-13814. Before version 9.7.1, a use-after-free can occur in a document that lacks a dictionary, leading to potential memory-related impact. The NVD/NVD-derived record indicates a high-severity issue with exploitation potential via network access...

9.8CVSS9.3AI score0.01717EPSS
CVE
CVE
added 2020/06/04 2:38 p.m.53 views

CVE-2020-13804

The CVE-2020-13804 issue affects Foxit Reader and PhantomPDF (pre-9.7.2). The vulnerability stems from the DocuSign plugin, allowing disclosure of a hardcoded username and password, resulting in a potential information disclosure impacting confidentiality (per the documented CVSS metrics). Affect...

9.8CVSS9AI score0.01608EPSS
CVE
CVE
added 2018/09/28 9:0 a.m.52 views

CVE-2018-17607

CVE-2018-17607 affects Foxit PhantomPDF and Foxit Reader prior to version 9.3. The vulnerability is a use-after-free caused by mishandling the properties of Annotation objects, affecting up to five distinct Annotation types. It enables remote code execution or denial of service when exploited. CV...

9.8CVSS9.3AI score0.03176EPSS
CVE
CVE
added 2020/06/04 2:40 p.m.50 views

CVE-2020-13805

The CVE-2020-13805 entry concerns Foxit Reader and PhantomPDF prior to 9.7.2 where the CAS login service does not limit login failures, enabling brute-force attack attempts. Concrete details across connected sources confirm the affected products (Foxit Reader/PhantomPDF) and the root cause (unlim...

9.8CVSS9.3AI score0.01512EPSS