Pdf Reader
Approved changes feed: RSS · Atom
cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:windows:*:*
part: a version: * update: *
| Vendor | Foxit (3778a6df-af29-5bee-a995-959672e13d77) |
|---|---|
| Product | Pdf Reader (e9c9f198-a64d-5586-91d0-9e5c428b0da1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9256 |
vulnerable | 2026-06-03 14:58:20.858911 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25267.
Published: 2024-11-22T21:18:56.580Z
Updated: 2024-11-25T18:46:17.192Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9255 |
vulnerable | 2026-06-03 14:58:20.858173 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25174.
Published: 2024-11-22T21:19:00.522Z
Updated: 2024-11-26T15:57:53.769Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9254 |
vulnerable | 2026-06-03 14:58:20.857522 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25173.
Published: 2024-11-22T21:19:05.561Z
Updated: 2024-11-26T15:57:53.910Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9253 |
vulnerable | 2026-06-03 14:58:20.856878 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24492.
Published: 2024-11-22T21:19:13.688Z
Updated: 2024-11-25T18:46:16.880Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9252 |
vulnerable | 2026-06-03 14:58:20.856310 |
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24491.
Published: 2024-11-22T21:19:17.772Z
Updated: 2024-11-25T18:40:41.598Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9251 |
vulnerable | 2026-06-03 14:58:20.855716 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24490.
Published: 2024-11-22T21:19:09.031Z
Updated: 2024-11-25T18:46:17.029Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9250 |
vulnerable | 2026-06-03 14:58:20.855316 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24489.
Published: 2024-11-22T21:19:22.615Z
Updated: 2024-11-26T15:57:54.040Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9249 |
vulnerable | 2026-06-03 14:58:20.854630 |
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24301.
Published: 2024-11-22T21:16:42.757Z
Updated: 2024-11-26T15:57:53.082Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9248 |
vulnerable | 2026-06-03 14:58:20.854120 |
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24300.
Published: 2024-11-22T21:19:26.589Z
Updated: 2024-11-26T15:57:54.363Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9247 |
vulnerable | 2026-06-03 14:58:20.853563 |
Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24173.
Published: 2024-11-22T21:16:51.905Z
Updated: 2024-11-26T15:57:53.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9246 |
vulnerable | 2026-06-03 14:58:20.852870 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24135.
Published: 2024-11-22T21:17:00.335Z
Updated: 2024-11-25T18:46:17.331Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9245 |
vulnerable | 2026-06-03 14:58:20.852393 |
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
HIGH (7.8)
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23966.
Published: 2024-11-22T21:17:32.646Z
Updated: 2024-11-26T15:57:53.504Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9244 |
vulnerable | 2026-06-03 14:58:20.851929 |
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
HIGH (7.8)
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the handling of the configuration files used by the Foxit Reader Update Service. The issue results from incorrect permissions set on a resource used by the service. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-23933.
Published: 2024-11-22T21:17:16.795Z
Updated: 2024-11-26T15:57:53.378Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9243 |
vulnerable | 2026-06-03 14:58:20.851280 |
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23932.
Published: 2024-11-22T21:17:45.676Z
Updated: 2024-11-26T15:57:53.635Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.