VYPR

Reader

by Foxitsoftware

CVEs (263)

  • CVE-2017-14820MedDec 20, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2017-14819MedDec 20, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2017-14818MedDec 20, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists…

  • CVE-2017-10956MedDec 20, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2017-10944MedOct 31, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2017-10943MedOct 31, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2017-10942MedOct 31, 2017
    risk 0.42cvss 6.5epss 0.02

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2016-8879MedOct 31, 2016
    risk 0.42cvss 6.5epss 0.01

    The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka…

  • CVE-2016-4062MedApr 22, 2016
    risk 0.36cvss 5.5epss 0.01

    Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF.

  • CVE-2016-8875MedOct 31, 2016
    risk 0.35cvss 5.3epss 0.01

    The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one…

  • CVE-2017-6883MedMar 14, 2017
    risk 0.31cvss 4.7epss 0.03

    The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to…

  • CVE-2009-0837Mar 10, 2009
    risk 0.09cvss epss 0.76

    Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file"…

  • CVE-2009-0836Mar 10, 2009
    risk 0.06cvss epss 0.41

    Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via…

  • CVE-2015-2790Mar 30, 2015
    risk 0.05cvss epss 0.25

    Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image.

  • CVE-2010-1239Apr 5, 2010
    risk 0.04cvss epss 0.08

    Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to…

  • CVE-2007-2186Apr 24, 2007
    risk 0.04cvss epss 0.08

    Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.

  • CVE-2015-3632May 1, 2015
    risk 0.03cvss epss 0.06

    Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.

  • CVE-2015-2789Mar 30, 2015
    risk 0.03cvss epss 0.03

    Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

  • CVE-2021-21822May 10, 2021
    risk 0.02cvss epss 0.02

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the…

  • CVE-2020-13560Dec 22, 2020
    risk 0.02cvss epss 0.03

    A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the…

Page 11 of 14