Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Foxit_reader
(Foxitsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 372 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-17 | CVE-2018-19343 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read), obtain sensitive information, or possibly have unspecified other impact via a U3D sample because of a "Data from Faulting Address controls Code Flow starting at U3DBrowser!PlugInMain+0x00000000000f43ff" issue. | Foxit_reader, U3d | 7.1 | ||
| 2018-11-17 | CVE-2018-19342 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation starting at U3DBrowser+0x000000000000347a" issue. | Foxit_reader, U3d | 7.1 | ||
| 2018-11-17 | CVE-2018-19341 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader!std::basic_ostream >::operator<<+0x0000000000087906" issue. | Foxit_reader, U3d | 7.1 | ||
| 2018-11-05 | CVE-2018-18933 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader!safe_vsnprintf+0x00000000002c4330" issue. | Foxit_reader, U3d | 9.1 | ||
| 2018-07-20 | CVE-2018-14442 | Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs. | Foxit_reader, Phantompdf | 9.8 | ||
| 2018-07-31 | CVE-2018-14300 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Polygon annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code... | Foxit_reader, Phantompdf | 8.8 | ||
| 2018-07-31 | CVE-2018-14295 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF documents. When parsing shading patterns, the process does not properly validate user-supplied data, which can result in an integer overflow before allocating a buffer. An... | Foxit_reader, Phantompdf | 8.8 | ||
| 2018-04-23 | CVE-2018-10303 | A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3. | Foxit_reader, Phantompdf | 8.8 | ||
| 2018-04-23 | CVE-2018-10302 | A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9. | Foxit_reader, Phantompdf | 7.8 | ||
| 2017-05-03 | CVE-2017-8455 | Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | Foxit_reader, Phantompdf | 7.8 |