Foxitsoftware Reader vulnerabilities
259 known vulnerabilities affecting foxitsoftware/reader.
Total CVEs
259
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL11HIGH228MEDIUM13LOW7
Vulnerabilities
Page 11 of 13
CVE-2018-17617HIGHCVSS 8.8≤ 9.1.0.50962018-10-29
CVE-2018-17617 [HIGH] CWE-416 CVE-2018-17617: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of onFocus events. The issue results from the lack o
nvd
CVE-2018-17620HIGHCVSS 8.8≤ 9.2.0.92972018-10-29
CVE-2018-17620 [HIGH] CWE-416 CVE-2018-17620: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate events. The issue results from the lack
nvd
CVE-2018-17619HIGHCVSS 8.8≤ 9.1.0.50962018-10-29
CVE-2018-17619 [HIGH] CWE-416 CVE-2018-17619: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Validate events. The issue results from the lack
nvd
CVE-2018-17615HIGHCVSS 8.8≤ 9.2.0.92972018-10-29
CVE-2018-17615 [HIGH] CWE-416 CVE-2018-17615: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Mouse Exit events. The issue results from the lac
nvd
CVE-2018-17616HIGHCVSS 8.8≤ 9.2.0.92972018-10-29
CVE-2018-17616 [HIGH] CWE-416 CVE-2018-17616: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of onBlur events. The issue results from the lack of
nvd
CVE-2018-17622MEDIUMCVSS 6.5≤ 9.2.0.92972018-10-29
CVE-2018-17622 [MEDIUM] CWE-125 CVE-2018-17622: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate events. The issue results fr
nvd
CVE-2018-16293HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16293 [HIGH] CVE-2018-16293: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-16294HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16294 [HIGH] CVE-2018-16294: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-16297HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16297 [HIGH] CVE-2018-16297: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-3945HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3945 [HIGH] CWE-416 CVE-2018-3945: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxi
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerabi
nvd
CVE-2018-16292HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16292 [HIGH] CVE-2018-16292: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-3940HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3940 [HIGH] CWE-416 CVE-2018-3940: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger.
nvd
CVE-2018-16296HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16296 [HIGH] CVE-2018-16296: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-3941HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3941 [HIGH] CWE-416 CVE-2018-3941: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxi
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerabi
nvd
CVE-2018-3997HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3997 [HIGH] CWE-416 CVE-2018-3997: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxi
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerab
nvd
CVE-2018-16291HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16291 [HIGH] CWE-416 CVE-2018-16291: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reuse
nvd
CVE-2018-3942HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3942 [HIGH] CWE-416 CVE-2018-3942: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability.
nvd
CVE-2018-3992HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3992 [HIGH] CWE-416 CVE-2018-3992: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxi
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerab
nvd
CVE-2018-16295HIGHCVSS 7.8≤ 9.2.0.92972018-10-08
CVE-2018-16295 [HIGH] CVE-2018-16295: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resul
nvd
CVE-2018-3996HIGHCVSS 8.8≤ 9.2.0.92972018-10-08
CVE-2018-3996 [HIGH] CWE-416 CVE-2018-3996: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability.
nvd