VYPR

Foxit Reader Plugin

by Foxitsoftware

CVEs (285)

  • CVE-2017-10945HigOct 31, 2017
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2017-10941HigOct 31, 2017
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-16297HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially…

  • CVE-2018-16296HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16297. A specially…

  • CVE-2018-16295HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially…

  • CVE-2018-16293HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially…

  • CVE-2018-16292HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially…

  • CVE-2018-16291HigOct 8, 2018
    risk 0.51cvss 7.8epss 0.03

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially…

  • CVE-2018-3967HigOct 3, 2018
    risk 0.51cvss 7.8epss 0.06

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker…

  • CVE-2018-3964HigOct 3, 2018
    risk 0.51cvss 7.8epss 0.09

    An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker…

  • CVE-2018-3960HigOct 2, 2018
    risk 0.51cvss 7.8epss 0.02

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Producer property of the this.info object. An attacker needs to trick the user to open the malicious…

  • CVE-2018-3959HigOct 2, 2018
    risk 0.51cvss 7.8epss 0.02

    A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Author property of the this.info object. An attacker needs to trick the user to open the malicious file…

  • CVE-2018-10302HigApr 23, 2018
    risk 0.51cvss 7.8epss 0.03

    A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.

  • CVE-2016-4065HigApr 22, 2016
    risk 0.51cvss 7.8epss 0.03

    The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 7.3.4 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted (1) JPEG, (2) GIF, or (3) BMP image.

  • CVE-2016-4059HigApr 22, 2016
    risk 0.51cvss 7.8epss 0.04

    Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.

  • CVE-2018-9948MedMay 17, 2018
    risk 0.50cvss 6.5epss 0.64

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2015-8843HigApr 13, 2016
    risk 0.48cvss 7.4epss 0.01

    The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory…

  • CVE-2018-9950MedMay 17, 2018
    risk 0.43cvss 6.5epss 0.04

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2018-14316MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2018-14289MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

Page 10 of 15