VYPR

Reader

by Foxitsoftware

CVEs (263)

  • CVE-2022-24356Feb 18, 2022
    risk 0.00cvss epss 0.02

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.…

  • CVE-2022-24954Feb 11, 2022
    risk 0.00cvss epss 0.12

    Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

  • CVE-2021-40420Feb 4, 2022
    risk 0.00cvss epss 0.05

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the…

  • CVE-2022-22150Feb 4, 2022
    risk 0.00cvss epss 0.02

    A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory…

  • CVE-2021-21893Aug 5, 2021
    risk 0.00cvss epss 0.02

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the…

  • CVE-2021-21831Aug 5, 2021
    risk 0.00cvss epss 0.05

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the…

  • CVE-2021-31460May 7, 2021
    risk 0.00cvss epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2020-13547Dec 22, 2020
    risk 0.00cvss epss 0.03

    A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs…

  • CVE-2020-13570Dec 22, 2020
    risk 0.00cvss epss 0.02

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user…

  • CVE-2019-5130Jan 16, 2020
    risk 0.00cvss epss 0.02

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker…

  • CVE-2019-5031Oct 2, 2019
    risk 0.00cvss epss 0.06

    An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn't handled properly, resulting in arbitrary code execution.…

  • CVE-2018-17662Jan 24, 2019
    risk 0.00cvss epss 0.04

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2015-8580Dec 16, 2015
    risk 0.00cvss epss 0.04

    Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document.

  • CVE-2015-3633May 1, 2015
    risk 0.00cvss epss 0.03

    Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.

  • CVE-2012-4759Sep 6, 2012
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file.…

  • CVE-2012-4337Aug 23, 2012
    risk 0.00cvss epss 0.05

    Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.

  • CVE-2011-3691Sep 27, 2011
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory.

  • CVE-2011-1908Jun 24, 2011
    risk 0.00cvss epss 0.05

    Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.

  • CVE-2011-0332Feb 25, 2011
    risk 0.00cvss epss 0.06

    Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.

  • CVE-2009-0691Jun 23, 2009
    risk 0.00cvss epss 0.06

    The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows remote attackers to cause a denial of service (memory corruption and application…

Page 13 of 14