Filtered by vendor Foxitsoftware
Subscribe
Total
797 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8856 | 1 Foxitsoftware | 1 Reader | 2017-07-29 | 4.6 MEDIUM | 7.8 HIGH |
| Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. After the installation, Foxit Reader's core files were world-writable by default, allowing an attacker to overwrite them with backdoor code, which when executed by privileged user would result in Privilege Escalation, Code Execution, or both. | |||||
| CVE-2017-8455 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | |||||
| CVE-2017-8453 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-05-12 | 6.8 MEDIUM | 8.8 HIGH |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | |||||
| CVE-2017-8454 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2017-05-12 | 6.8 MEDIUM | 8.8 HIGH |
| Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | |||||
| CVE-2017-7584 | 1 Foxitsoftware | 1 Foxit Pdf Toolkit | 2017-04-12 | 6.8 MEDIUM | 7.8 HIGH |
| Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file. | |||||
| CVE-2016-3740 | 1 Foxitsoftware | 1 Foxit Reader | 2017-04-11 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. This is fixed in 8.0. | |||||
| CVE-2017-5364 | 1 Foxitsoftware | 1 Foxit Pdf Toolkit | 2017-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Service and Remote Code Execution when the victim opens the specially crafted PDF file. The Vulnerability has been fixed in v2.0. | |||||
| CVE-2017-5556 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2017-01-26 | 5.8 MEDIUM | 8.1 HIGH |
| The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. | |||||
| CVE-2015-3633 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2017-01-03 | 5.0 MEDIUM | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. | |||||
| CVE-2015-3632 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2017-01-03 | 4.3 MEDIUM | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file. | |||||
| CVE-2015-2790 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2016-12-03 | 4.3 MEDIUM | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. | |||||
| CVE-2015-2789 | 1 Foxitsoftware | 1 Foxit Reader | 2016-12-03 | 4.4 MEDIUM | N/A |
| Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. | |||||
| CVE-2016-8878 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 6.8 MEDIUM | 8.8 HIGH |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | |||||
| CVE-2016-8877 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue. | |||||
| CVE-2016-8876 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 6.8 MEDIUM | 7.5 HIGH |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader." | |||||
| CVE-2016-8875 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor." | |||||
| CVE-2016-8879 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2016-11-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue. | |||||
| CVE-2016-4064 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call. | |||||
| CVE-2016-4063 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2016-11-28 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. | |||||
| CVE-2016-4062 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2016-11-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | |||||