Foxit Reader vulnerabilities
247 known vulnerabilities affecting foxit/foxit_reader.
Total CVEs
247
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH197MEDIUM49
Vulnerabilities
Page 9 of 13
CVE-2018-9956HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9956 [HIGH] CWE-416 CVE-2018-9956: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the title attribu
cvelistv5nvd
CVE-2018-9942HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9942 [HIGH] CWE-704 CVE-2018-9942: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record remove method. The issue results from t
cvelistv5nvd
CVE-2018-9961HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9961 [HIGH] CWE-416 CVE-2018-9961: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the rect Field attribute. The issue results from the
cvelistv5nvd
CVE-2018-9974HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9974 [HIGH] CWE-122 CVE-2018-9974: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper val
cvelistv5nvd
CVE-2018-10474HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-10474 [HIGH] CWE-787 CVE-2018-10474: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Shading objects. The issue results from the l
cvelistv5nvd
CVE-2018-9938HIGHCVSS 8.8v9.0.0.299352018-05-17
CVE-2018-9938 [HIGH] CWE-704 CVE-2018-9938: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the absPageSpan method. The issue results from the
cvelistv5nvd
CVE-2018-9967HIGHCVSS 8.8v9.0.1.10492018-05-17
CVE-2018-9967 [HIGH] CWE-416 CVE-2018-9967: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Format actions of TextBox objects. The issue result
cvelistv5nvd
CVE-2018-10493MEDIUMCVSS 6.5v9.0.1.10492018-05-17
CVE-2018-10493 [MEDIUM] CWE-125 CVE-2018-10493: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the U3D Final Maximum Resolution attrib
cvelistv5nvd
CVE-2018-9976MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9976 [MEDIUM] CWE-125 CVE-2018-9976: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture objects in U3D files. The issue
cvelistv5nvd
CVE-2018-9971MEDIUMCVSS 6.5v9.0.1.1042018-05-17
CVE-2018-9971 [MEDIUM] CWE-125 CVE-2018-9971: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.104. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of
cvelistv5nvd
CVE-2018-9978MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9978 [MEDIUM] CWE-125 CVE-2018-9978: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
cvelistv5nvd
CVE-2018-10479MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10479 [MEDIUM] CWE-125 CVE-2018-10479: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Key Frame structures. The issue re
cvelistv5nvd
CVE-2018-9972MEDIUMCVSS 6.5v9.0.1.10492018-05-17
CVE-2018-9972 [MEDIUM] CWE-125 CVE-2018-9972: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of
cvelistv5nvd
CVE-2018-10492MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10492 [MEDIUM] CWE-125 CVE-2018-10492: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh Continuation
cvelistv5nvd
CVE-2018-10485MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-10485 [MEDIUM] CWE-125 CVE-2018-10485: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within U3D Texture Height structures. The issue results from
cvelistv5nvd
CVE-2018-1175MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-1175 [MEDIUM] CWE-665 CVE-2018-1175: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParam
cvelistv5nvd
CVE-2018-9984MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9984 [MEDIUM] CWE-125 CVE-2018-9984: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture Image Channels objects in U3D fi
cvelistv5nvd
CVE-2018-9980MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9980 [MEDIUM] CWE-125 CVE-2018-9980: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
cvelistv5nvd
CVE-2018-9963MEDIUMCVSS 6.5v9.0.1.10492018-05-17
CVE-2018-9963 [MEDIUM] CWE-125 CVE-2018-9963: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from t
cvelistv5nvd
CVE-2018-1179MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-1179 [MEDIUM] CWE-125 CVE-2018-1179: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DataSubBlock structures in GIF images. T
cvelistv5nvd