cbcvebase.

Foxit Reader vulnerabilities

247 known vulnerabilities affecting foxit/foxit_reader.

Total CVEs
247
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH197MEDIUM49

Vulnerabilities

Page 8 of 13
CVE-2018-10483HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10483 [HIGH] CWE-787 CVE-2018-10483: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh objects. The issue resu
nvd
CVE-2018-9947HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9947 [HIGH] CWE-122 CVE-2018-9947: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of prop
nvd
CVE-2018-10490HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10490 [HIGH] CWE-119 CVE-2018-10490: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG images embedded inside U3D files. The issue
nvd
CVE-2018-1178HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-1178 [HIGH] CWE-416 CVE-2018-1178: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the addField method. The issue results from the la
nvd
CVE-2018-9958HIGHCVSS 8.8PoCv9.0.1.10492018-05-17
CVE-2018-9958 [HIGH] CWE-416 CVE-2018-9958: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute,
nvd
CVE-2018-9959HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9959 [HIGH] CWE-416 CVE-2018-9959: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the pageNum document attribute. The issue results fr
nvd
CVE-2018-10484HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10484 [HIGH] CWE-665 CVE-2018-10484: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Node objects. The issue results from the lack
nvd
CVE-2018-9956HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9956 [HIGH] CWE-416 CVE-2018-9956: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the title attribu
nvd
CVE-2018-10477HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10477 [HIGH] CWE-787 CVE-2018-10477: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Chain Index objects. The issue results from t
nvd
CVE-2018-9949HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9949 [HIGH] CWE-122 CVE-2018-9949: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF files. The issue results from the lack of prop
nvd
CVE-2018-9977HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9977 [HIGH] CWE-416 CVE-2018-9977: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Modifier Chain objects in U3D files. The issue resu
nvd
CVE-2018-9942HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9942 [HIGH] CWE-704 CVE-2018-9942: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record remove method. The issue results from t
nvd
CVE-2018-9961HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9961 [HIGH] CWE-416 CVE-2018-9961: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the rect Field attribute. The issue results from the
nvd
CVE-2018-9957HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9957 [HIGH] CWE-416 CVE-2018-9957: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed
nvd
CVE-2018-10474HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10474 [HIGH] CWE-787 CVE-2018-10474: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Shading objects. The issue results from the l
nvd
CVE-2018-9981HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9981 [HIGH] CWE-824 CVE-2018-9981: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of prope
nvd
CVE-2018-9954HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9954 [HIGH] CWE-416 CVE-2018-9954: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the y attribute,
nvd
CVE-2018-9965HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9965 [HIGH] CWE-416 CVE-2018-9965: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setAction method of Link objects. The issue res
nvd
CVE-2018-10494HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-10494 [HIGH] CWE-121 CVE-2018-10494: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D 3DView objects. The issue results from the lac
nvd
CVE-2018-9967HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9967 [HIGH] CWE-416 CVE-2018-9967: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Format actions of TextBox objects. The issue result
nvd
← Previous8 / 13Next →