Foxitsoftware 3D vulnerabilities
20 known vulnerabilities affecting foxitsoftware/3d.
Total CVEs
20
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH9MEDIUM4LOW6
Vulnerabilities
Page 1 of 1
CVE-2021-31465HIGHCVSS 7.8≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31465 [HIGH] CWE-787 CVE-2021-31465: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
nvd
CVE-2021-31468HIGHCVSS 7.8≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31468 [HIGH] CWE-125 CVE-2021-31468: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue r
nvd
CVE-2021-31470HIGHCVSS 7.8≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31470 [HIGH] CWE-416 CVE-2021-31470: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
nvd
CVE-2021-31466HIGHCVSS 7.8≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31466 [HIGH] CWE-125 CVE-2021-31466: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
nvd
CVE-2021-31472HIGHCVSS 7.8≤ 9.7.4.29600≥ 10.0, ≤ 10.0.1.375982021-05-07
CVE-2021-31472 [HIGH] CWE-787 CVE-2021-31472: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from
nvd
CVE-2021-31471MEDIUMCVSS 5.5≤ 9.7.4.29600≥ 10.0, ≤ 10.0.1.375982021-05-07
CVE-2021-31471 [MEDIUM] CWE-125 CVE-2021-31471: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The
nvd
CVE-2021-31469LOWCVSS 3.3≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31469 [LOW] CWE-125 CVE-2021-31469: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The is
nvd
CVE-2021-31464LOWCVSS 3.3≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31464 [LOW] CWE-125 CVE-2021-31464: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The is
nvd
CVE-2021-31462LOWCVSS 3.3≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31462 [LOW] CWE-125 CVE-2021-31462: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The is
nvd
CVE-2021-31467LOWCVSS 3.3≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31467 [LOW] CWE-125 CVE-2021-31467: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The
nvd
CVE-2021-31463LOWCVSS 3.3≤ 9.7.4.29600≥ 10.0.0.0, ≤ 10.1.3.375982021-05-07
CVE-2021-31463 [LOW] CWE-125 CVE-2021-31463: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The is
nvd
CVE-2020-17412HIGHCVSS 7.8≤ 10.0.1.358112020-10-13
CVE-2020-17412 [HIGH] CWE-787 CVE-2020-17412: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue
nvd
CVE-2020-17413HIGHCVSS 7.8≤ 10.0.1.358112020-10-13
CVE-2020-17413 [HIGH] CWE-121 CVE-2020-17413: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue
nvd
CVE-2020-17411LOWCVSS 3.3≤ 10.0.1.358112020-10-13
CVE-2020-17411 [LOW] CWE-125 CVE-2020-17411: This vulnerability allows remote attackers to disclose sensitive information on affected installatio
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. Th
nvd
CVE-2019-20822CRITICALCVSS 9.8fixed in 9.7.0.294302020-06-04
CVE-2019-20822 [CRITICAL] CWE-787 CVE-2019-20822: An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It
An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It has an out-of-bounds write via incorrect image data.
nvd
CVE-2019-20831HIGHCVSS 7.5fixed in 9.5.0.207332020-06-04
CVE-2019-20831 [HIGH] CVE-2019-20831: An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It
An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It has void data mishandling, causing a crash.
nvd
CVE-2019-6985HIGHCVSS 8.8fixed in 9.4.0.168072019-01-28
CVE-2019-6985 [HIGH] CWE-125 CVE-2019-6985: An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Read in Indexing or a Heap Overflow and crash during handling of certain PDF files that embed specifically crafted 3D content, due to an array access violation.
nvd
CVE-2019-6982MEDIUMCVSS 5.5fixed in 9.4.0.168072019-01-28
CVE-2019-6982 [MEDIUM] CWE-787 CVE-2019-6982: An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of the improper handling of a logic exception in the IFXASSERT function.
nvd
CVE-2019-6984MEDIUMCVSS 6.5fixed in 9.4.0.168072019-01-28
CVE-2019-6984 [MEDIUM] CWE-416 CVE-2019-6984: An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of certain PDF files that embed specifically crafted 3D content, due to the use of a wild pointer.
nvd
CVE-2019-6983MEDIUMCVSS 6.5fixed in 9.4.0.168072019-01-28
CVE-2019-6983 [MEDIUM] CWE-190 CVE-2019-6983: An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Integer Overflow and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of a free of valid memory.
nvd