Foxit Reader vulnerabilities

CVE-2017-14829 [HIGH] CWE-843 CVE-2017-14829: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the openList method of XFAScriptObject objects. The issue result

CVE-2017-16571 [HIGH] CWE-843 CVE-2017-16571: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of references to the app object from FormCalc. The

CVE-2017-14824 [HIGH] CWE-843 CVE-2017-14824: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the insert method of XFAScriptObject objects. The issue results

CVE-2017-16578 [HIGH] CWE-843 CVE-2017-16578: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the picture elements within XFA forms. The issue results from th

CVE-2017-16576 [HIGH] CWE-416 CVE-2017-16576: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's field element. The issue results from the lack of validati

CVE-2017-16589 [MEDIUM] CWE-125 CVE-2017-16589: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the yTsiz member of SIZ markers. The i

CVE-2017-14819 [MEDIUM] CWE-125 CVE-2017-14819: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the channel number member of the cdef box. The issue

CVE-2017-16580 [MEDIUM] CWE-125 CVE-2017-16580: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageField node of XFA forms. The issue results f

CVE-2017-16584 [MEDIUM] CWE-125 CVE-2017-16584: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within util.printf. The issue results from the lack of prope

CVE-2017-14818 [MEDIUM] CWE-125 CVE-2017-14818: This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxi This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images embedded in PDF files. The issue r

CVE-2017-10956 [MEDIUM] CWE-125 CVE-2017-10956: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the tile index member of SOT markers. The issue resul

CVE-2017-16574 [MEDIUM] CWE-125 CVE-2017-16574: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Image filters. The issue results from

CVE-2017-16573 [MEDIUM] CWE-125 CVE-2017-16573: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LZWDecode filters. The issue results f

CVE-2017-14822 [MEDIUM] CWE-125 CVE-2017-14822: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the xOsiz member of SIZ markers. The i

CVE-2017-16588 [MEDIUM] CWE-125 CVE-2017-16588: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SOT markers. The issue results from th

CVE-2017-14820 [MEDIUM] CWE-125 CVE-2017-14820: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the tile index of the SOT marker in JPEG2000 images.

CVE-2017-16579 [MEDIUM] CWE-125 CVE-2017-16579: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results fro

CVE-2017-14821 [MEDIUM] CWE-125 CVE-2017-14821: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the xTsiz member of SIZ markers. The i

CVE-2017-10946 [HIGH] CWE-416 CVE-2017-10946: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setItem function. The issue results from the lack of validati

CVE-2017-10945 [HIGH] CWE-416 CVE-2017-10945: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the app.alert function. The issue results from the lack of valid