Foxit Reader vulnerabilities

155 known vulnerabilities affecting foxit/reader.

Total CVEs
155
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH129MEDIUM14LOW12

Vulnerabilities

Page 4 of 8
CVE-2019-13328HIGHCVSS 7.8v9.5.0.207232019-10-03
CVE-2019-13328 [HIGH] CWE-416 CVE-2019-13328: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of fields within Acroform objects. The issue resul
cvelistv5nvd
CVE-2019-13329HIGHCVSS 7.8v9.52019-10-03
CVE-2019-13329 [HIGH] CWE-843 CVE-2019-13329: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper va
cvelistv5nvd
CVE-2019-13332HIGHCVSS 7.8v9.6.0.251142019-10-03
CVE-2019-13332 [HIGH] CWE-416 CVE-2019-13332: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of templates in XFA forms. The issue results from
cvelistv5nvd
CVE-2019-13331HIGHCVSS 7.8v9.5.0.207232019-10-03
CVE-2019-13331 [HIGH] CWE-125 CVE-2019-13331: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. The issue results from the lack of prop
cvelistv5nvd
CVE-2019-6760HIGHCVSS 7.8v9.4.168112019-06-03
CVE-2019-6760 [HIGH] CWE-787 CVE-2019-6760: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper vali
cvelistv5nvd
CVE-2019-6757HIGHCVSS 7.8v9.4.168112019-06-03
CVE-2019-6757 [HIGH] CWE-416 CVE-2019-6757: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of validating
cvelistv5nvd
CVE-2019-6767HIGHCVSS 7.8v9.4.1.168282019-06-03
CVE-2019-6767 [HIGH] CWE-416 CVE-2019-6767: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue result
cvelistv5nvd
CVE-2019-6759HIGHCVSS 7.8v9.3.108262019-06-03
CVE-2019-6759 [HIGH] CWE-787 CVE-2019-6759: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper vali
cvelistv5nvd
CVE-2019-6764HIGHCVSS 7.8v9.4.1.168282019-06-03
CVE-2019-6764 [HIGH] CWE-787 CVE-2019-6764: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the
cvelistv5nvd
CVE-2019-6769HIGHCVSS 7.8v9.4.1.168282019-06-03
CVE-2019-6769 [HIGH] CWE-416 CVE-2019-6769: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue result
cvelistv5nvd
CVE-2019-6768HIGHCVSS 7.8v9.4.1.168282019-06-03
CVE-2019-6768 [HIGH] CWE-416 CVE-2019-6768: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The issue result
cvelistv5nvd
CVE-2019-6755HIGHCVSS 7.8v9.3.108262019-06-03
CVE-2019-6755 [HIGH] CWE-787 CVE-2019-6755: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper vali
cvelistv5nvd
CVE-2019-6763HIGHCVSS 7.8v9.4.1.168282019-06-03
CVE-2019-6763 [HIGH] CWE-416 CVE-2019-6763: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ToggleFormsDesign method of the Foxit.FoxitReader.Ctl ActiveX
cvelistv5nvd
CVE-2019-6761HIGHCVSS 7.8v9.4.0.168112019-06-03
CVE-2019-6761 [HIGH] CWE-416 CVE-2019-6761: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.0.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA CXFA_FFDocView object. The issue results from the lack of
cvelistv5nvd
CVE-2019-6754HIGHCVSS 7.8v9.3.108262019-06-03
CVE-2019-6754 [HIGH] CWE-22 CVE-2019-6754: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the localFileStorage method. The issue results from the lack of prope
cvelistv5nvd
CVE-2019-6770MEDIUMCVSS 5.5v9.4.1.168282019-06-03
CVE-2019-6770 [MEDIUM] CWE-416 CVE-2019-6770: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method when processing AcroForms. The iss
cvelistv5nvd
CVE-2019-6766MEDIUMCVSS 5.5v9.4.1.168282019-06-03
CVE-2019-6766 [MEDIUM] CWE-416 CVE-2019-6766: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing AcroForms. The i
cvelistv5nvd
CVE-2019-6771MEDIUMCVSS 5.5v2019.010.200982019-06-03
CVE-2019-6771 [MEDIUM] CWE-416 CVE-2019-6771: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the value property of a Field object
cvelistv5nvd
CVE-2019-6753MEDIUMCVSS 5.5v9.3.0.108262019-06-03
CVE-2019-6753 [MEDIUM] CWE-190 CVE-2019-6753: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Stuff method. The issue results fro
cvelistv5nvd
CVE-2019-6758MEDIUMCVSS 5.5v9.4.168112019-06-03
CVE-2019-6758 [MEDIUM] CWE-416 CVE-2019-6758: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of
cvelistv5nvd
← Previous4 / 8Next →