Foxitsoftware Foxit Reader vulnerabilities

CVE-2018-9959 [HIGH] CWE-416 CVE-2018-9959: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the pageNum document attribute. The issue results fr

CVE-2018-10484 [HIGH] CWE-665 CVE-2018-10484: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Node objects. The issue results from the lack

CVE-2018-9956 [HIGH] CWE-416 CVE-2018-9956: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the title attribu

CVE-2018-10477 [HIGH] CWE-787 CVE-2018-10477: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Chain Index objects. The issue results from t

CVE-2018-9949 [HIGH] CWE-122 CVE-2018-9949: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF files. The issue results from the lack of prop

CVE-2018-9977 [HIGH] CWE-416 CVE-2018-9977: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Modifier Chain objects in U3D files. The issue resu

CVE-2018-9942 [HIGH] CWE-704 CVE-2018-9942: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record remove method. The issue results from t

CVE-2018-9961 [HIGH] CWE-416 CVE-2018-9961: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the rect Field attribute. The issue results from the

CVE-2018-9957 [HIGH] CWE-416 CVE-2018-9957: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed

CVE-2018-10474 [HIGH] CWE-787 CVE-2018-10474: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Shading objects. The issue results from the l

CVE-2018-9981 [HIGH] CWE-824 CVE-2018-9981: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of prope

CVE-2018-9954 [HIGH] CWE-416 CVE-2018-9954: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the y attribute,

CVE-2018-9965 [HIGH] CWE-416 CVE-2018-9965: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setAction method of Link objects. The issue res

CVE-2018-10494 [HIGH] CWE-121 CVE-2018-10494: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D 3DView objects. The issue results from the lac

CVE-2018-9967 [HIGH] CWE-416 CVE-2018-9967: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Format actions of TextBox objects. The issue result

CVE-2018-9974 [HIGH] CWE-122 CVE-2018-9974: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper val

CVE-2018-10489 [HIGH] CWE-787 CVE-2018-10489: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh Declaration structures.

CVE-2018-9941 [HIGH] CWE-704 CVE-2018-9941: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the record append method. The issue results from t

CVE-2018-9960 [HIGH] CWE-416 CVE-2018-9960: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the textColor Field attribute. The issue results fro

CVE-2018-10488 [HIGH] CWE-122 CVE-2018-10488: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Texture Width structures. The issue results f