Approved changes feed: RSS · Atom
cpe:2.3:a:foxit:reader:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Foxit (3778a6df-af29-5bee-a995-959672e13d77) |
|---|---|
| Product | Reader (f677b11b-e446-546a-8d33-a621ec467ff6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-25938 |
vulnerable | 2026-06-03 14:55:14.300750 |
Details available
HIGH (8.8)
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Published: 2024-04-30T14:38:40.223Z
Updated: 2025-11-04T17:14:32.777Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38573 |
vulnerable | 2026-06-03 14:52:31.599840 |
Details available
HIGH (8.8)
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Published: 2023-11-27T15:25:08.575Z
Updated: 2025-11-04T19:17:19.224Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34831 |
vulnerable | 2026-06-03 14:44:48.324861 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13741.
Published: 2021-08-04T15:16:13.000Z
Updated: 2024-08-04T00:26:54.185Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31473 |
vulnerable | 2026-06-03 14:44:33.159560 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browseForDoc function. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13523.
Published: 2021-05-21T14:40:14.000Z
Updated: 2024-08-03T23:03:32.613Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31472 |
vulnerable | 2026-06-03 14:44:33.159182 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13011.
Published: 2021-05-07T20:16:43.000Z
Updated: 2024-08-03T23:03:32.676Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31471 |
vulnerable | 2026-06-03 14:44:33.158779 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12955.
Published: 2021-05-07T20:16:42.000Z
Updated: 2024-08-03T23:03:32.671Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31470 |
vulnerable | 2026-06-03 14:44:33.158398 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12947.
Published: 2021-05-07T20:16:42.000Z
Updated: 2024-08-03T23:03:33.520Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31469 |
vulnerable | 2026-06-03 14:44:33.158015 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12936.
Published: 2021-05-07T20:16:41.000Z
Updated: 2024-08-03T23:03:32.683Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31468 |
vulnerable | 2026-06-03 14:44:33.157615 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13620.
Published: 2021-05-07T20:16:40.000Z
Updated: 2024-08-03T23:03:32.708Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31467 |
vulnerable | 2026-06-03 14:44:33.157219 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13621.
Published: 2021-05-07T20:16:39.000Z
Updated: 2024-08-03T23:03:32.802Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31466 |
vulnerable | 2026-06-03 14:44:33.156834 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13583.
Published: 2021-05-07T20:16:37.000Z
Updated: 2024-08-03T23:03:32.637Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31465 |
vulnerable | 2026-06-03 14:44:33.156438 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13582.
Published: 2021-05-07T20:16:36.000Z
Updated: 2024-08-03T23:03:32.682Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31464 |
vulnerable | 2026-06-03 14:44:33.156020 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13574.
Published: 2021-05-07T20:16:35.000Z
Updated: 2024-08-03T23:03:32.703Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31463 |
vulnerable | 2026-06-03 14:44:33.155592 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13573.
Published: 2021-05-07T20:16:35.000Z
Updated: 2024-08-03T23:03:32.568Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31462 |
vulnerable | 2026-06-03 14:44:33.151516 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13572.
Published: 2021-05-07T20:16:34.000Z
Updated: 2024-08-03T23:03:32.179Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31461 |
vulnerable | 2026-06-03 14:44:33.151118 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the the handling of app.media objects. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-13333.
Published: 2021-05-07T20:16:33.000Z
Updated: 2024-08-03T23:03:32.637Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31460 |
vulnerable | 2026-06-03 14:44:33.150697 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13096.
Published: 2021-05-07T20:16:32.000Z
Updated: 2024-08-03T23:03:32.541Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31459 |
vulnerable | 2026-06-03 14:44:33.150308 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13162.
Published: 2021-05-07T20:16:30.000Z
Updated: 2024-08-03T23:03:32.201Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31458 |
vulnerable | 2026-06-03 14:44:33.149904 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13150.
Published: 2021-05-07T20:16:29.000Z
Updated: 2024-08-03T23:03:32.197Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31457 |
vulnerable | 2026-06-03 14:44:33.149489 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13147.
Published: 2021-05-07T20:16:28.000Z
Updated: 2024-08-03T23:03:32.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31456 |
vulnerable | 2026-06-03 14:44:33.143201 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13102.
Published: 2021-05-07T20:16:26.000Z
Updated: 2024-08-03T23:03:32.194Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31455 |
vulnerable | 2026-06-03 14:44:33.142789 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13100.
Published: 2021-05-07T20:16:25.000Z
Updated: 2024-08-03T23:03:32.203Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31454 |
vulnerable | 2026-06-03 14:44:33.142321 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Decimal element. A crafted leadDigits value in a Decimal element can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-13095.
Published: 2021-05-07T20:16:25.000Z
Updated: 2024-08-03T23:03:32.189Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31453 |
vulnerable | 2026-06-03 14:44:33.141935 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13092.
Published: 2021-05-07T20:16:23.000Z
Updated: 2024-08-03T23:03:32.635Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31452 |
vulnerable | 2026-06-03 14:44:33.141540 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13091.
Published: 2021-05-07T20:16:22.000Z
Updated: 2024-08-03T22:55:53.778Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31451 |
vulnerable | 2026-06-03 14:44:33.141157 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13089.
Published: 2021-05-07T20:16:19.000Z
Updated: 2024-08-03T22:55:53.794Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31450 |
vulnerable | 2026-06-03 14:44:33.140777 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13084.
Published: 2021-05-07T20:16:18.000Z
Updated: 2024-08-03T22:55:53.783Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31449 |
vulnerable | 2026-06-03 14:44:33.140390 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13280.
Published: 2021-05-07T20:16:18.000Z
Updated: 2024-08-03T22:55:53.786Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31448 |
vulnerable | 2026-06-03 14:44:33.140005 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13273.
Published: 2021-05-07T20:16:16.000Z
Updated: 2024-08-03T22:55:53.820Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31447 |
vulnerable | 2026-06-03 14:44:33.139609 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13269.
Published: 2021-05-07T20:16:14.000Z
Updated: 2024-08-03T22:55:53.604Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31446 |
vulnerable | 2026-06-03 14:44:33.139240 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13245.
Published: 2021-05-07T20:16:13.000Z
Updated: 2024-08-03T22:55:53.954Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31445 |
vulnerable | 2026-06-03 14:44:33.138872 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13244.
Published: 2021-05-07T20:16:12.000Z
Updated: 2024-08-03T22:55:53.782Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31444 |
vulnerable | 2026-06-03 14:44:33.138495 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13241.
Published: 2021-05-07T20:16:11.000Z
Updated: 2024-08-03T22:55:53.815Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31443 |
vulnerable | 2026-06-03 14:44:33.138086 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13240.
Published: 2021-05-07T20:16:10.000Z
Updated: 2024-08-03T22:55:53.792Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31442 |
vulnerable | 2026-06-03 14:44:33.137674 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13239.
Published: 2021-05-07T20:16:10.000Z
Updated: 2024-08-03T22:55:53.813Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31441 |
vulnerable | 2026-06-03 14:44:33.135822 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13101.
Published: 2021-05-07T20:16:09.000Z
Updated: 2024-08-03T22:55:53.792Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-27517 |
vulnerable | 2026-06-03 14:44:16.175477 |
Details available
Foxit PDF SDK For Web through 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API).
Published: 2021-07-20T11:38:37.000Z
Updated: 2024-08-03T21:26:09.183Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8857 |
vulnerable | 2026-06-03 14:43:12.009767 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of form Annotation objects within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9862.
Published: 2020-02-13T22:20:43.000Z
Updated: 2024-08-04T10:12:10.971Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8852 |
vulnerable | 2026-06-03 14:43:12.007775 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-9416.
Published: 2020-02-13T22:20:41.000Z
Updated: 2024-08-04T10:12:10.993Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8851 |
vulnerable | 2026-06-03 14:43:12.007382 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9406.
Published: 2020-02-13T22:20:41.000Z
Updated: 2024-08-04T10:12:10.955Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8850 |
vulnerable | 2026-06-03 14:43:12.006973 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9415.
Published: 2020-02-13T22:20:40.000Z
Updated: 2024-08-04T10:12:10.964Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8849 |
vulnerable | 2026-06-03 14:43:12.006558 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9413.
Published: 2020-02-13T22:20:40.000Z
Updated: 2024-08-04T10:12:10.992Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8848 |
vulnerable | 2026-06-03 14:43:12.006147 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9407.
Published: 2020-02-13T22:20:39.000Z
Updated: 2024-08-04T10:12:10.994Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8847 |
vulnerable | 2026-06-03 14:43:12.005733 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9414.
Published: 2020-02-13T22:20:39.000Z
Updated: 2024-08-04T10:12:10.991Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8844 |
vulnerable | 2026-06-03 14:43:12.002073 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files within CovertToPDF. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9102.
Published: 2020-02-13T22:20:37.000Z
Updated: 2024-08-04T10:12:10.993Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-27860 |
vulnerable | 2026-06-03 14:42:18.692866 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11727.
Published: 2021-02-11T23:35:35.000Z
Updated: 2024-08-04T16:25:43.672Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17417 |
vulnerable | 2026-06-03 14:41:54.105455 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11657.
Published: 2020-10-13T17:10:48.000Z
Updated: 2024-08-04T13:53:17.421Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17416 |
vulnerable | 2026-06-03 14:41:54.104936 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11497.
Published: 2020-10-13T17:10:47.000Z
Updated: 2024-08-04T13:53:17.407Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17414 |
vulnerable | 2026-06-03 14:41:54.103675 |
Details available
HIGH (7.8)
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-11229.
Published: 2020-10-13T17:10:47.000Z
Updated: 2024-08-04T13:53:17.395Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10907 |
vulnerable | 2026-06-03 14:41:00.691399 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of widgets in XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10650.
Published: 2020-04-22T20:51:03.000Z
Updated: 2024-08-04T11:14:15.761Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10906 |
vulnerable | 2026-06-03 14:41:00.691012 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10614.
Published: 2020-04-22T20:51:03.000Z
Updated: 2024-08-04T11:14:15.879Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10900 |
vulnerable | 2026-06-03 14:41:00.688663 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10142.
Published: 2020-04-22T20:51:00.000Z
Updated: 2024-08-04T11:14:15.637Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10899 |
vulnerable | 2026-06-03 14:41:00.688157 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA templates. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10132.
Published: 2020-04-22T20:50:59.000Z
Updated: 2024-08-04T11:14:15.730Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6775 |
vulnerable | 2026-06-03 14:40:40.624087 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportValues method within a AcroForm. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8491.
Published: 2019-10-04T17:37:02.000Z
Updated: 2024-08-04T20:31:04.068Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6774 |
vulnerable | 2026-06-03 14:40:40.623700 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteItemAt method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8295.
Published: 2019-10-04T17:37:02.000Z
Updated: 2024-08-04T20:31:04.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6773 |
vulnerable | 2026-06-03 14:40:40.623283 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of a Field object within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8272.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.217Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6772 |
vulnerable | 2026-06-03 14:40:40.622878 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8231.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.277Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6771 |
vulnerable | 2026-06-03 14:40:40.622483 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the value property of a Field object within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8230.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.242Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6770 |
vulnerable | 2026-06-03 14:40:40.622091 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8229.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6769 |
vulnerable | 2026-06-03 14:40:40.621703 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8165.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.200Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6768 |
vulnerable | 2026-06-03 14:40:40.621332 |
Details available
HIGH (7)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8164.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6767 |
vulnerable | 2026-06-03 14:40:40.620942 |
Details available
HIGH (7)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8163.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6766 |
vulnerable | 2026-06-03 14:40:40.620544 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8162.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.078Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6764 |
vulnerable | 2026-06-03 14:40:40.619685 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7972.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6763 |
vulnerable | 2026-06-03 14:40:40.619284 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ToggleFormsDesign method of the Foxit.FoxitReader.Ctl ActiveX object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7874.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.260Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6761 |
vulnerable | 2026-06-03 14:40:40.618488 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA CXFA_FFDocView object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7777.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.198Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6760 |
vulnerable | 2026-06-03 14:40:40.618069 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7694.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.175Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6759 |
vulnerable | 2026-06-03 14:40:40.617597 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7614.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6758 |
vulnerable | 2026-06-03 14:40:40.617217 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7701.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.231Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6757 |
vulnerable | 2026-06-03 14:40:40.616802 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7696.
Published: 2019-06-03T18:15:02.000Z
Updated: 2024-08-04T20:31:04.219Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6755 |
vulnerable | 2026-06-03 14:40:40.616037 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7613.
Published: 2019-06-03T18:15:01.000Z
Updated: 2024-08-04T20:31:04.144Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6754 |
vulnerable | 2026-06-03 14:40:40.615649 |
Details available
HIGH (7.3)
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the localFileStorage method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7407.
Published: 2019-06-03T18:15:01.000Z
Updated: 2024-08-04T20:31:04.224Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6753 |
vulnerable | 2026-06-03 14:40:40.615231 |
Details available
LOW (3.3)
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Stuff method. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7561.
Published: 2019-06-03T18:15:01.000Z
Updated: 2024-08-04T20:31:04.251Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6735 |
vulnerable | 2026-06-03 14:40:40.591130 |
Details available
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7355.
Published: 2019-03-19T19:56:01.000Z
Updated: 2024-08-04T20:31:04.188Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6730 |
vulnerable | 2026-06-03 14:40:40.587024 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the popUpMenu method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7368.
Published: 2019-03-19T19:56:01.000Z
Updated: 2024-08-04T20:31:04.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6729 |
vulnerable | 2026-06-03 14:40:40.586668 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7423.
Published: 2019-03-19T19:56:01.000Z
Updated: 2024-08-04T20:31:04.050Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6728 |
vulnerable | 2026-06-03 14:40:40.586278 |
Details available
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7353.
Published: 2019-03-19T19:56:01.000Z
Updated: 2024-08-04T20:31:04.065Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6727 |
vulnerable | 2026-06-03 14:40:40.584719 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA remerge method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7347.
Published: 2019-03-19T19:56:00.000Z
Updated: 2024-08-04T20:31:04.198Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13332 |
vulnerable | 2026-06-03 14:39:37.554995 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of templates in XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9149.
Published: 2019-10-03T21:33:03.000Z
Updated: 2024-08-04T23:49:24.679Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13331 |
vulnerable | 2026-06-03 14:39:37.554654 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8838.
Published: 2019-10-03T21:33:18.000Z
Updated: 2024-08-04T23:49:24.503Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13330 |
vulnerable | 2026-06-03 14:39:37.554305 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8742.
Published: 2019-10-03T21:33:18.000Z
Updated: 2024-08-04T23:49:24.606Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13329 |
vulnerable | 2026-06-03 14:39:37.553944 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8695.
Published: 2019-10-03T21:33:18.000Z
Updated: 2024-08-04T23:49:24.587Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13328 |
vulnerable | 2026-06-03 14:39:37.553591 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8913.
Published: 2019-10-03T21:33:17.000Z
Updated: 2024-08-04T23:49:24.588Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13327 |
vulnerable | 2026-06-03 14:39:37.553038 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8888.
Published: 2019-10-03T21:33:17.000Z
Updated: 2024-08-04T23:49:24.630Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13326 |
vulnerable | 2026-06-03 14:39:37.552679 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8864.
Published: 2019-10-03T21:33:17.000Z
Updated: 2024-08-04T23:49:24.567Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13320 |
vulnerable | 2026-06-03 14:39:37.540850 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8814.
Published: 2019-10-04T17:37:02.000Z
Updated: 2024-08-04T23:49:24.694Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13319 |
vulnerable | 2026-06-03 14:39:37.540435 |
Details available
HIGH (7.8)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8669.
Published: 2019-10-04T17:37:01.000Z
Updated: 2024-08-04T23:49:24.597Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13318 |
vulnerable | 2026-06-03 14:39:37.540023 |
Details available
MEDIUM (5.5)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544.
Published: 2019-10-04T17:37:01.000Z
Updated: 2024-08-04T23:49:24.556Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-13315 |
vulnerable | 2026-06-03 14:39:37.536299 |
Details available
HIGH (7.8)
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8656.
Published: 2019-10-04T17:37:01.000Z
Updated: 2024-08-04T23:49:24.586Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17705 |
vulnerable | 2026-06-03 14:38:22.048260 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the display property of CheckBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7255.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.595Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17704 |
vulnerable | 2026-06-03 14:38:22.047900 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the textColor property of RadioButton objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7254.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.578Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17703 |
vulnerable | 2026-06-03 14:38:22.047443 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the defaultValue property of ComboBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7253.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.611Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17702 |
vulnerable | 2026-06-03 14:38:22.047102 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of button objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7252.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.761Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17699 |
vulnerable | 2026-06-03 14:38:22.046062 |
Details available
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7073.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.667Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17697 |
vulnerable | 2026-06-03 14:38:22.045383 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of templates. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7170.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.611Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17696 |
vulnerable | 2026-06-03 14:38:22.045030 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the dataObjects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7169.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.591Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17686 |
vulnerable | 2026-06-03 14:38:22.020723 |
Details available
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of BMP images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6844.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.548Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17685 |
vulnerable | 2026-06-03 14:38:22.020371 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6819.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.709Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17684 |
vulnerable | 2026-06-03 14:38:22.020016 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the isPropertySpecified method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6470.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.608Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17683 |
vulnerable | 2026-06-03 14:38:22.019676 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the createIcon method of an app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7163.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.602Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17682 |
vulnerable | 2026-06-03 14:38:22.019331 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7157.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.891Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17681 |
vulnerable | 2026-06-03 14:38:22.018942 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the getPageBox method of a Form. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7141.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.676Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17680 |
vulnerable | 2026-06-03 14:38:22.018323 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the style property of a Field object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6915.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.612Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17679 |
vulnerable | 2026-06-03 14:38:22.017977 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6890.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.620Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17678 |
vulnerable | 2026-06-03 14:38:22.017639 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the gotoNamedDest method of a app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6851.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.564Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17677 |
vulnerable | 2026-06-03 14:38:22.017286 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the mailDoc method of a app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6850.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.750Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17676 |
vulnerable | 2026-06-03 14:38:22.016945 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the removeField property of a app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6849.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.761Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17675 |
vulnerable | 2026-06-03 14:38:22.016605 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the removeDataObject method of a document. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6848.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.551Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17674 |
vulnerable | 2026-06-03 14:38:22.016269 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the name property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6845.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.530Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17673 |
vulnerable | 2026-06-03 14:38:22.015904 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the subtype property of a Annotation object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6820.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.751Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17672 |
vulnerable | 2026-06-03 14:38:22.015474 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of array indices. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6817.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.565Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17671 |
vulnerable | 2026-06-03 14:38:22.014992 |
Details available
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Lower method of a XFA object. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6617.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.588Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17670 |
vulnerable | 2026-06-03 14:38:22.014658 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the content property of a XFA object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6524.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.714Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17669 |
vulnerable | 2026-06-03 14:38:22.014321 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the name property of a XFA object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6523.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.681Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17668 |
vulnerable | 2026-06-03 14:38:22.013970 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the removeAttribute method of a XFA object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6522.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.596Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17667 |
vulnerable | 2026-06-03 14:38:22.013630 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the print method of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6521.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.702Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17666 |
vulnerable | 2026-06-03 14:38:22.013303 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the exportData method of a host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6520.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.690Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17665 |
vulnerable | 2026-06-03 14:38:22.012957 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the currentPage property of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6519.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.582Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17664 |
vulnerable | 2026-06-03 14:38:22.012612 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the isCompatibleNS method of a XFA object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6518.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.545Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17663 |
vulnerable | 2026-06-03 14:38:22.012263 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the importData method of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6517.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.588Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17662 |
vulnerable | 2026-06-03 14:38:22.011881 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the beep method of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6514.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.711Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17661 |
vulnerable | 2026-06-03 14:38:22.011535 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the messageBox method of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6513.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.561Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17660 |
vulnerable | 2026-06-03 14:38:22.011183 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resetData method of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6512.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.545Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17659 |
vulnerable | 2026-06-03 14:38:22.010826 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the title property of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6511.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.583Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17658 |
vulnerable | 2026-06-03 14:38:22.010483 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the respose property of a host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6509.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.691Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17657 |
vulnerable | 2026-06-03 14:38:22.010111 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the gotoURL method of a host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6507.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.706Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17656 |
vulnerable | 2026-06-03 14:38:22.009564 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the getDisplayItem method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6506.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.568Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17655 |
vulnerable | 2026-06-03 14:38:22.009225 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the moveInstance method of a Form object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6505.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.527Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17654 |
vulnerable | 2026-06-03 14:38:22.008874 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the insertInstance method of a Form object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6504.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.432Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17653 |
vulnerable | 2026-06-03 14:38:22.008536 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6503.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.333Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17652 |
vulnerable | 2026-06-03 14:38:22.008202 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the mandatory property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6502.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.267Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17651 |
vulnerable | 2026-06-03 14:38:22.007845 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the getItemState method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6501.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.476Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17650 |
vulnerable | 2026-06-03 14:38:22.007504 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNodes method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6487.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.457Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17649 |
vulnerable | 2026-06-03 14:38:22.007168 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setAttribute method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6486.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.199Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17648 |
vulnerable | 2026-06-03 14:38:22.006820 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the rotate property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6485.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.399Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17647 |
vulnerable | 2026-06-03 14:38:22.006469 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the boundItem method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6484.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.476Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17646 |
vulnerable | 2026-06-03 14:38:22.006120 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the fillColor property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6483.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.367Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17645 |
vulnerable | 2026-06-03 14:38:22.005781 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the vAlign property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6482.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17644 |
vulnerable | 2026-06-03 14:38:22.005450 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the addItem method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6481.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.242Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17643 |
vulnerable | 2026-06-03 14:38:22.005095 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the editValue property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6480.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.295Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17642 |
vulnerable | 2026-06-03 14:38:22.004753 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the colSpan property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6479.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.285Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17641 |
vulnerable | 2026-06-03 14:38:22.004334 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the deleteItem method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6478.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.426Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17640 |
vulnerable | 2026-06-03 14:38:22.003996 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Form count property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6477.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.278Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17639 |
vulnerable | 2026-06-03 14:38:22.003652 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setElement method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6475.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.267Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17638 |
vulnerable | 2026-06-03 14:38:22.003323 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the getAttribute method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6474.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.214Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17637 |
vulnerable | 2026-06-03 14:38:22.002981 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the loadXML method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6473.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17636 |
vulnerable | 2026-06-03 14:38:22.002645 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the id property of a aliasNode. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6472.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.290Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17635 |
vulnerable | 2026-06-03 14:38:22.002287 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the desc property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6471.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.270Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17634 |
vulnerable | 2026-06-03 14:38:22.001952 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the attachIcon property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6499.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.266Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17633 |
vulnerable | 2026-06-03 14:38:22.001608 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the subject property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6498.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.272Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17632 |
vulnerable | 2026-06-03 14:38:22.001254 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode event. The issue results from the lack of validation of the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6700.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.512Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17631 |
vulnerable | 2026-06-03 14:38:22.000907 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the removeInstance event. The issue results from the lack of validation of the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6500.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.300Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17630 |
vulnerable | 2026-06-03 14:38:22.000570 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the openPlayer method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6616.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.544Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17629 |
vulnerable | 2026-06-03 14:38:22.000212 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of template objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6614.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.212Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17627 |
vulnerable | 2026-06-03 14:38:21.999507 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the XFA mouseUp event. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6455.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.580Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17626 |
vulnerable | 2026-06-03 14:38:21.999061 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Validate events of TextBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6439.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.319Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-17625 |
vulnerable | 2026-06-03 14:38:21.998599 |
Details available
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setInterval() method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6438.
Published: 2019-01-24T04:00:00.000Z
Updated: 2024-08-05T10:54:10.289Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.