Foxit Reader vulnerabilities

247 known vulnerabilities affecting foxit/foxit_reader.

Total CVEs

247

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH197MEDIUM49

Vulnerabilities

Page 8 of 13

CVE-2018-9937HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9937 [HIGH] CWE-704 CVE-2018-9937: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of subform elements. The issue results from the lack o

cvelistv5nvd

CVE-2018-9982HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9982 [HIGH] CWE-787 CVE-2018-9982: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the Texture Width in U3D files. The issue results f

cvelistv5nvd

CVE-2018-1178HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-1178 [HIGH] CWE-416 CVE-2018-1178: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the addField method. The issue results from the la

cvelistv5nvd

CVE-2018-9954HIGHCVSS 8.8v9.0.1.10492018-05-17

CVE-2018-9954 [HIGH] CWE-416 CVE-2018-9954: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the y attribute,

cvelistv5nvd

CVE-2018-9957HIGHCVSS 8.8v9.0.1.10492018-05-17

CVE-2018-9957 [HIGH] CWE-416 CVE-2018-9957: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed

cvelistv5nvd

CVE-2018-9960HIGHCVSS 8.8v9.0.1.10492018-05-17

CVE-2018-9960 [HIGH] CWE-416 CVE-2018-9960: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the textColor Field attribute. The issue results fro

cvelistv5nvd

CVE-2018-9951HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9951 [HIGH] CWE-416 CVE-2018-9951: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CPDF_Object objects. The issue results from the la

cvelistv5nvd

CVE-2018-9939HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9939 [HIGH] CWE-704 CVE-2018-9939: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of layout elements. The issue results from the lack o

cvelistv5nvd

CVE-2018-10491HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-10491 [HIGH] CWE-787 CVE-2018-10491: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Bone Weight Modifier structures. The issue re

cvelistv5nvd

CVE-2018-10483HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-10483 [HIGH] CWE-787 CVE-2018-10483: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh objects. The issue resu

cvelistv5nvd

CVE-2018-9958HIGHCVSS 8.8PoCv9.0.1.10492018-05-17

CVE-2018-9958 [HIGH] CWE-416 CVE-2018-9958: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute,

cvelistv5nvd

CVE-2018-1173HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-1173 [HIGH] CWE-416 CVE-2018-1173: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the XFA borderColor attribute. The issue results f

cvelistv5nvd

CVE-2018-1176HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-1176 [HIGH] CWE-787 CVE-2018-1176: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub files. The issue results from the lack of prop

cvelistv5nvd

CVE-2018-9947HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9947 [HIGH] CWE-122 CVE-2018-9947: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of prop

cvelistv5nvd

CVE-2018-10484HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-10484 [HIGH] CWE-665 CVE-2018-10484: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Node objects. The issue results from the lack

cvelistv5nvd

CVE-2018-9981HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9981 [HIGH] CWE-824 CVE-2018-9981: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of prope

cvelistv5nvd

CVE-2018-9941HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9941 [HIGH] CWE-704 CVE-2018-9941: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record append method. The issue results from t

cvelistv5nvd

CVE-2018-10488HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-10488 [HIGH] CWE-122 CVE-2018-10488: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Texture Width structures. The issue results f

cvelistv5nvd

CVE-2018-9949HIGHCVSS 8.8v9.0.0.299352018-05-17

CVE-2018-9949 [HIGH] CWE-122 CVE-2018-9949: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF files. The issue results from the lack of prop

cvelistv5nvd

CVE-2018-9959HIGHCVSS 8.8v9.0.1.10492018-05-17

CVE-2018-9959 [HIGH] CWE-416 CVE-2018-9959: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the pageNum document attribute. The issue results fr

cvelistv5nvd

← Previous8 / 13Next →