Foxitsoftware Foxit Reader vulnerabilities
382 known vulnerabilities affecting foxitsoftware/foxit_reader.
Total CVEs
382
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL22HIGH274MEDIUM75LOW11
Vulnerabilities
Page 14 of 20
CVE-2018-9938HIGHCVSS 8.8≤ 9.0.1.10492018-05-17
CVE-2018-9938 [HIGH] CWE-704 CVE-2018-9938: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the absPageSpan method. The issue results from the
nvd
CVE-2018-9936HIGHCVSS 8.8≤ 9.0.1.10492018-05-17
CVE-2018-9936 [HIGH] CWE-704 CVE-2018-9936: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of field elements. The issue results from the lack of
nvd
CVE-2018-9976MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9976 [MEDIUM] CWE-125 CVE-2018-9976: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture objects in U3D files. The issue
nvd
CVE-2018-9971MEDIUMCVSS 6.5v9.0.1.1042018-05-17
CVE-2018-9971 [MEDIUM] CWE-125 CVE-2018-9971: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.104. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of
nvd
CVE-2018-9978MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9978 [MEDIUM] CWE-125 CVE-2018-9978: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
nvd
CVE-2018-9972MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9972 [MEDIUM] CWE-125 CVE-2018-9972: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of
nvd
CVE-2018-10492MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10492 [MEDIUM] CWE-125 CVE-2018-10492: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Clod Progressive Mesh Continuation
nvd
CVE-2018-9984MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9984 [MEDIUM] CWE-125 CVE-2018-9984: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Texture Image Channels objects in U3D fi
nvd
CVE-2018-10493MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10493 [MEDIUM] CWE-125 CVE-2018-10493: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the U3D Final Maximum Resolution attrib
nvd
CVE-2018-9946MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9946 [MEDIUM] CWE-416 CVE-2018-9946: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the setTimeOut method. The issue result
nvd
CVE-2018-9973MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9973 [MEDIUM] CWE-125 CVE-2018-9973: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub files. The issue results from the la
nvd
CVE-2018-10478MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10478 [MEDIUM] CWE-125 CVE-2018-10478: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Texture Coord Dimensions objects.
nvd
CVE-2018-1174MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-1174 [MEDIUM] CWE-665 CVE-2018-1174: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the bitmapDPI attribute of PrintParams
nvd
CVE-2018-9950MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9950 [MEDIUM] CWE-125 CVE-2018-9950: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from th
nvd
CVE-2018-9948MEDIUMCVSS 6.5PoC≤ 9.0.1.10492018-05-17
CVE-2018-9948 [MEDIUM] CWE-824 CVE-2018-9948: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from th
nvd
CVE-2018-9983MEDIUMCVSS 6.5v9.0.0.299352018-05-17
CVE-2018-9983 [MEDIUM] CWE-125 CVE-2018-9983: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the la
nvd
CVE-2018-1175MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-1175 [MEDIUM] CWE-665 CVE-2018-1175: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParam
nvd
CVE-2018-10476MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10476 [MEDIUM] CWE-125 CVE-2018-10476: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D Model Node structures. The issue r
nvd
CVE-2018-9963MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-9963 [MEDIUM] CWE-125 CVE-2018-9963: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from t
nvd
CVE-2018-10481MEDIUMCVSS 6.5≤ 9.0.1.10492018-05-17
CVE-2018-10481 [MEDIUM] CWE-125 CVE-2018-10481: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D Texture Resource structures. The
nvd