Foxit Software PDF Editor
Approved changes feed: RSS · Atom
cpe:2.3:a:foxit:pdf_editor:-:*:*:*:*:*:*:*
part: a version: - update: *
| Vendor | Foxit (3778a6df-af29-5bee-a995-959672e13d77) |
|---|---|
| Product | Pdf Editor (9ffd62d3-3123-511f-93d6-d83211921c55) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-30327 |
vulnerable | 2026-06-03 14:55:37.763495 |
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of template objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22632.
Published: 2024-04-03T16:22:11.355Z
Updated: 2024-08-27T19:48:02.803Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51562 |
vulnerable | 2026-06-03 14:53:38.051228 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22500.
Published: 2024-05-03T02:15:01.655Z
Updated: 2024-08-02T22:40:32.568Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51557 |
vulnerable | 2026-06-03 14:53:38.043581 |
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22256.
Published: 2024-05-03T02:14:57.662Z
Updated: 2024-08-02T22:40:34.013Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51556 |
vulnerable | 2026-06-03 14:53:38.043041 |
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22255.
Published: 2024-05-03T02:14:56.861Z
Updated: 2024-08-02T22:40:33.186Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51554 |
vulnerable | 2026-06-03 14:53:38.038069 |
Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Signature objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22122.
Published: 2024-05-03T02:14:55.379Z
Updated: 2024-08-02T22:40:32.609Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51553 |
vulnerable | 2026-06-03 14:53:38.037318 |
Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Bookmark objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22110.
Published: 2024-05-03T02:14:54.679Z
Updated: 2024-08-02T22:40:33.962Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51552 |
vulnerable | 2026-06-03 14:53:38.036726 |
Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Signature objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22007.
Published: 2024-05-03T02:14:53.993Z
Updated: 2024-08-02T22:40:32.572Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51551 |
vulnerable | 2026-06-03 14:53:38.031053 |
Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Signature objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22003.
Published: 2024-05-03T02:14:53.193Z
Updated: 2024-08-02T22:40:33.285Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51550 |
vulnerable | 2026-06-03 14:53:38.028283 |
Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of combobox fields. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21870.
Published: 2024-05-03T02:14:52.511Z
Updated: 2024-08-02T22:40:33.622Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42098 |
vulnerable | 2026-06-03 14:52:53.062118 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22037.
Published: 2024-05-03T02:13:10.448Z
Updated: 2024-08-02T19:16:50.414Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42097 |
vulnerable | 2026-06-03 14:52:53.061682 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21902.
Published: 2024-05-03T02:13:09.635Z
Updated: 2024-08-02T19:16:50.139Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42096 |
vulnerable | 2026-06-03 14:52:53.061197 |
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21880.
Published: 2024-05-03T02:13:08.827Z
Updated: 2024-08-02T19:16:50.393Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42095 |
vulnerable | 2026-06-03 14:52:53.060694 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21879.
Published: 2024-05-03T02:13:08.136Z
Updated: 2024-08-02T19:16:50.103Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42094 |
vulnerable | 2026-06-03 14:52:53.060197 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21873.
Published: 2024-05-03T02:13:07.356Z
Updated: 2024-08-02T19:16:50.475Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42093 |
vulnerable | 2026-06-03 14:52:53.059715 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21869.
Published: 2024-05-03T02:13:06.659Z
Updated: 2024-08-02T19:16:50.152Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42092 |
vulnerable | 2026-06-03 14:52:53.059158 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21676.
Published: 2024-05-03T02:13:05.961Z
Updated: 2024-08-02T19:16:50.442Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42090 |
vulnerable | 2026-06-03 14:52:53.056020 |
Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21596.
Published: 2024-05-03T02:13:04.409Z
Updated: 2024-08-02T19:16:50.096Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38118 |
vulnerable | 2026-06-03 14:52:30.320564 |
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21325.
Published: 2024-05-03T01:59:16.080Z
Updated: 2024-08-02T17:30:14.118Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38116 |
vulnerable | 2026-06-03 14:52:30.319757 |
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21292.
Published: 2024-05-03T01:59:14.507Z
Updated: 2024-08-02T17:30:14.037Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38111 |
vulnerable | 2026-06-03 14:52:30.314233 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21025.
Published: 2024-05-03T01:59:10.625Z
Updated: 2024-08-02T17:30:14.065Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-27364 |
vulnerable | 2026-06-03 14:51:01.043205 |
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XLS files. The issue results from the lack of proper restrictions on macro-enabled documents. An attacker can leverage this vulnerability to execute code in the context of the current process.
. Was ZDI-CAN-19738.
Published: 2024-05-03T01:56:15.231Z
Updated: 2024-09-18T18:28:05.297Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41780 |
vulnerable | 2026-06-03 14:45:26.212877 |
Details available
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Published: 2022-08-29T04:54:27.000Z
Updated: 2024-08-04T03:15:29.199Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34975 |
vulnerable | 2026-06-03 14:44:48.510851 |
Foxit PDF Reader transitionToState Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader transitionToState Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the implementation of the transitionToState method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15218.
Published: 2024-05-07T22:54:47.464Z
Updated: 2024-08-04T00:26:55.673Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34974 |
vulnerable | 2026-06-03 14:44:48.510385 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15167.
Published: 2024-05-07T22:54:46.557Z
Updated: 2024-08-04T00:26:55.722Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34972 |
vulnerable | 2026-06-03 14:44:48.509221 |
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14975.
Published: 2024-05-07T22:54:44.780Z
Updated: 2024-08-04T00:26:55.786Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34971 |
vulnerable | 2026-06-03 14:44:48.508550 |
Foxit PDF Reader JPG2000 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader JPG2000 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14812.
Published: 2024-05-07T22:54:43.902Z
Updated: 2024-08-04T00:26:55.656Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34970 |
vulnerable | 2026-06-03 14:44:48.508086 |
Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the implementation of the print method. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14849.
Published: 2024-05-07T22:54:43.051Z
Updated: 2024-08-04T00:26:55.785Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34966 |
vulnerable | 2026-06-03 14:44:48.506375 |
Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14367.
Published: 2024-05-07T22:54:39.596Z
Updated: 2024-08-04T00:26:55.841Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34964 |
vulnerable | 2026-06-03 14:44:48.505516 |
Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14366.
Published: 2024-05-07T22:54:37.825Z
Updated: 2024-08-04T00:26:55.650Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34961 |
vulnerable | 2026-06-03 14:44:48.504083 |
Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14363.
Published: 2024-05-07T22:54:35.184Z
Updated: 2024-08-04T00:26:55.686Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34960 |
vulnerable | 2026-06-03 14:44:48.503593 |
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14362.
Published: 2024-05-07T22:54:34.306Z
Updated: 2024-08-04T00:26:55.648Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34958 |
vulnerable | 2026-06-03 14:44:48.502683 |
Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14359.
Published: 2024-05-07T22:54:32.624Z
Updated: 2024-08-04T00:26:55.747Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34957 |
vulnerable | 2026-06-03 14:44:48.502193 |
Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14358.
Published: 2024-05-07T22:54:31.697Z
Updated: 2024-08-04T00:26:55.666Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34956 |
vulnerable | 2026-06-03 14:44:48.501693 |
Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14357.
Published: 2024-05-07T22:54:30.787Z
Updated: 2024-08-04T00:26:55.773Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34953 |
vulnerable | 2026-06-03 14:44:48.500353 |
Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14658.
Published: 2024-05-07T22:54:28.311Z
Updated: 2024-08-04T00:26:55.742Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34951 |
vulnerable | 2026-06-03 14:44:48.497952 |
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14395.
Published: 2024-05-07T22:54:26.531Z
Updated: 2024-08-04T00:26:55.649Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34950 |
vulnerable | 2026-06-03 14:44:48.495324 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14396.
Published: 2024-05-07T22:54:25.687Z
Updated: 2024-08-04T00:26:55.651Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34948 |
vulnerable | 2026-06-03 14:44:48.490649 |
Foxit PDF Reader Square Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Square Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Square annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14272.
Published: 2024-05-07T22:54:23.864Z
Updated: 2024-08-04T00:26:55.744Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.