cbcvebase.

Foxit Reader vulnerabilities

247 known vulnerabilities affecting foxit/foxit_reader.

Total CVEs
247
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH197MEDIUM49

Vulnerabilities

Page 10 of 13
CVE-2018-9983MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9983 [MEDIUM] CWE-125 CVE-2018-9983: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
nvd
CVE-2018-1175MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-1175 [MEDIUM] CWE-665 CVE-2018-1175: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParam
nvd
CVE-2018-10476MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10476 [MEDIUM] CWE-125 CVE-2018-10476: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Model Node structures. The issue r
nvd
CVE-2018-9963MEDIUMCVSS 6.5v9.0.1.10492018-05-17
CVE-2018-9963 [MEDIUM] CWE-125 CVE-2018-9963: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from t
nvd
CVE-2018-10481MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10481 [MEDIUM] CWE-125 CVE-2018-10481: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D Texture Resource structures. The
nvd
CVE-2018-10479MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10479 [MEDIUM] CWE-125 CVE-2018-10479: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Key Frame structures. The issue re
nvd
CVE-2018-9979MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9979 [MEDIUM] CWE-125 CVE-2018-9979: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture Continuation objects in U3D file
nvd
CVE-2018-1179MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-1179 [MEDIUM] CWE-125 CVE-2018-1179: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DataSubBlock structures in GIF images. T
nvd
CVE-2018-10475MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10475 [MEDIUM] CWE-125 CVE-2018-10475: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Light Node structures. The issue r
nvd
CVE-2018-10485MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10485 [MEDIUM] CWE-125 CVE-2018-10485: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within U3D Texture Height structures. The issue results from
nvd
CVE-2018-10486MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10486 [MEDIUM] CWE-125 CVE-2018-10486: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the U3D Image Index. The issue results
nvd
CVE-2018-10487MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10487 [MEDIUM] CWE-125 CVE-2018-10487: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files embedded inside PDF document
nvd
CVE-2018-9980MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9980 [MEDIUM] CWE-125 CVE-2018-9980: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
nvd
CVE-2018-10480MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10480 [MEDIUM] CWE-125 CVE-2018-10480: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the U3D Node Name buffer. The issue r
nvd
CVE-2018-10482MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10482 [MEDIUM] CWE-125 CVE-2018-10482: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the U3D Texture Image Format object. The issue result
nvd
CVE-2017-14833HIGHCVSS 8.8v8.3.1.211552017-12-20
CVE-2017-14833 [HIGH] CWE-416 CVE-2017-14833: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute of Text Annotation objects. The issue result
nvd
CVE-2017-10958HIGHCVSS 8.8v8.3.1.211552017-12-20
CVE-2017-10958 [HIGH] CWE-416 CVE-2017-10958: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the value attribute of Field objects. The issue results from the
nvd
CVE-2017-16586HIGHCVSS 8.8v8.3.2.250132017-12-20
CVE-2017-16586 [HIGH] CWE-416 CVE-2017-16586: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addAnnot method. The issue results from the lack of validati
nvd
CVE-2017-14823HIGHCVSS 8.8v8.3.1.211552017-12-20
CVE-2017-14823 [HIGH] CWE-843 CVE-2017-14823: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the signer method of XFA's Signature objects. The issue results
nvd
CVE-2017-14832HIGHCVSS 8.8v8.3.1.211552017-12-20
CVE-2017-14832 [HIGH] CWE-416 CVE-2017-14832: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute of Caret Annotation objects. The issue resul
nvd
← Previous10 / 13Next →