cbcvebase.

Foxit Reader vulnerabilities

247 known vulnerabilities affecting foxit/foxit_reader.

Total CVEs
247
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH197MEDIUM49

Vulnerabilities

Page 3 of 13
CVE-2018-14315HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14315 [HIGH] CWE-416 CVE-2018-14315: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of annotations. The issue results from the lack of v
nvd
CVE-2018-14243HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14243 [HIGH] CWE-843 CVE-2018-14243: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addPageOpenJSMessage method. By performing actions in JavaScr
nvd
CVE-2018-14241HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14241 [HIGH] CWE-843 CVE-2018-14241: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addAnnot method. By performing actions in JavaScript, an atta
nvd
CVE-2018-14251HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14251 [HIGH] CWE-843 CVE-2018-14251: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getDataObject method. By performing actions in JavaScript, an
nvd
CVE-2018-14253HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14253 [HIGH] CWE-843 CVE-2018-14253: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getIcon method. By performing actions in JavaScript, an attac
nvd
CVE-2018-14274HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14274 [HIGH] CWE-843 CVE-2018-14274: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the scroll method. By performing actions in JavaScript, an attack
nvd
CVE-2018-14270HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14270 [HIGH] CWE-843 CVE-2018-14270: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeDataObject method. By performing actions in JavaScript,
nvd
CVE-2018-14256HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14256 [HIGH] CWE-843 CVE-2018-14256: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getOCGs method. By performing actions in JavaScript, an attac
nvd
CVE-2018-14290HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14290 [HIGH] CWE-122 CVE-2018-14290: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of
nvd
CVE-2018-14293HIGHCVSS 8.8v9.1.0.50962018-07-31
CVE-2018-14293 [HIGH] CWE-416 CVE-2018-14293: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. By manipulating a document's elemen
nvd
CVE-2018-14308HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14308 [HIGH] CWE-416 CVE-2018-14308: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the valueAsString function. The issue results fro
nvd
CVE-2018-14305HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14305 [HIGH] CWE-416 CVE-2018-14305: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PolyLine annotations. By manipulating a documen
nvd
CVE-2018-14303HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14303 [HIGH] CWE-416 CVE-2018-14303: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of StrikeOut annotations. By manipulating a docume
nvd
CVE-2018-14261HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14261 [HIGH] CWE-843 CVE-2018-14261: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getTemplate method. By performing actions in JavaScript, an a
nvd
CVE-2018-14254HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14254 [HIGH] CWE-843 CVE-2018-14254: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getLinks method. By performing actions in JavaScript, an atta
nvd
CVE-2018-14259HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14259 [HIGH] CWE-843 CVE-2018-14259: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getPageNthWordQuads method. By performing actions in JavaScri
nvd
CVE-2018-14264HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14264 [HIGH] CWE-843 CVE-2018-14264: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the importAnFDF method. By performing actions in JavaScript, an a
nvd
CVE-2018-14287HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14287 [HIGH] CWE-843 CVE-2018-14287: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of arguments passed to the instanceManager.nodes.app
nvd
CVE-2018-14307HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14307 [HIGH] CWE-416 CVE-2018-14307: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Link objects. By manipulating a document's elem
nvd
CVE-2018-14250HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14250 [HIGH] CWE-843 CVE-2018-14250: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getAnnot method. By performing actions in JavaScript, an atta
nvd
← Previous3 / 13Next →
Foxit Reader vulnerabilities | cvebase