cbcvebase.

Foxit Reader vulnerabilities

247 known vulnerabilities affecting foxit/foxit_reader.

Total CVEs
247
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH197MEDIUM49

Vulnerabilities

Page 6 of 13
CVE-2018-11618HIGHCVSS 8.8v9.0.0.299352018-07-31
CVE-2018-11618 [HIGH] CWE-416 CVE-2018-11618: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resetForm method. The issue results from the
nvd
CVE-2018-14306HIGHCVSS 8.8v9.0.1.50962018-07-31
CVE-2018-14306 [HIGH] CWE-416 CVE-2018-14306: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of button objects. By manipulating a document's el
nvd
CVE-2018-11617HIGHCVSS 8.8v9.0.0.299352018-07-31
CVE-2018-11617 [HIGH] CWE-416 CVE-2018-11617: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Format events for ComboBox fields. The issue res
nvd
CVE-2018-14252HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14252 [HIGH] CWE-843 CVE-2018-14252: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. By performing actions in JavaScript, an atta
nvd
CVE-2018-14262HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14262 [HIGH] CWE-843 CVE-2018-14262: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getURL method. By performing actions in JavaScript, an attack
nvd
CVE-2018-14249HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14249 [HIGH] CWE-843 CVE-2018-14249: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportDataObject method. By performing actions in JavaScript,
nvd
CVE-2018-14277HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14277 [HIGH] CWE-843 CVE-2018-14277: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the mailDoc method. By performing actions in JavaScript, an attac
nvd
CVE-2018-14273HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14273 [HIGH] CWE-843 CVE-2018-14273: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeTemplate method. By performing actions in JavaScript, a
nvd
CVE-2018-14276HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14276 [HIGH] CWE-843 CVE-2018-14276: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the submitForm method. By performing actions in JavaScript, an at
nvd
CVE-2018-14257HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14257 [HIGH] CWE-843 CVE-2018-14257: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getPageBox method. By performing actions in JavaScript, an at
nvd
CVE-2018-14275HIGHCVSS 8.8v9.0.1.10492018-07-31
CVE-2018-14275 [HIGH] CWE-843 CVE-2018-14275: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the spawnPageFromTemplate method. By performing actions in JavaSc
nvd
CVE-2018-11621MEDIUMCVSS 6.5v9.0.1.10492018-07-31
CVE-2018-11621 [MEDIUM] CWE-125 CVE-2018-11621: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack
nvd
CVE-2018-11620MEDIUMCVSS 6.5v9.0.1.10492018-07-31
CVE-2018-11620 [MEDIUM] CWE-125 CVE-2018-11620: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack
nvd
CVE-2018-14316MEDIUMCVSS 6.5v9.0.1.50962018-07-31
CVE-2018-14316 [MEDIUM] CWE-125 CVE-2018-14316: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF documents. The issue results fro
nvd
CVE-2018-14289MEDIUMCVSS 6.5v9.0.1.50962018-07-31
CVE-2018-14289 [MEDIUM] CWE-125 CVE-2018-14289: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from t
nvd
CVE-2018-9975HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9975 [HIGH] CWE-416 CVE-2018-9975: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of shift events. The issue results from the lack of va
nvd
CVE-2018-1177HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-1177 [HIGH] CWE-416 CVE-2018-1177: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the addAnnot method. The issue results from the la
nvd
CVE-2018-9943HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9943 [HIGH] CWE-704 CVE-2018-9943: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the openList method. The issue results from the la
nvd
CVE-2018-9944HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9944 [HIGH] CWE-416 CVE-2018-9944: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addLink method. The issue results from the lack of validating
nvd
CVE-2018-9955HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9955 [HIGH] CWE-416 CVE-2018-9955: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA resolveNode method of Button elements. The issue results fr
nvd
← Previous6 / 13Next →
Foxit Reader vulnerabilities | cvebase