Filtered by vendor Foxitsoftware
Subscriptions
Total
819 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8856 | 1 Foxitsoftware | 1 Reader | 2025-04-12 | N/A |
| Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. After the installation, Foxit Reader's core files were world-writable by default, allowing an attacker to overwrite them with backdoor code, which when executed by privileged user would result in Privilege Escalation, Code Execution, or both. | ||||
| CVE-2016-8875 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor." | ||||
| CVE-2015-8843 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-12 | N/A |
| The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption. | ||||
| CVE-2016-4063 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. | ||||
| CVE-2016-8876 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader." | ||||
| CVE-2016-8877 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue. | ||||
| CVE-2016-4060 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2016-4064 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in the XFA forms handling functionality in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted remerge call. | ||||
| CVE-2016-8879 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue. | ||||
| CVE-2016-8878 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | ||||
| CVE-2015-3632 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file. | ||||
| CVE-2015-3633 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. | ||||
| CVE-2015-8580 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document. | ||||
| CVE-2015-2790 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. | ||||
| CVE-2015-2789 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. | ||||
| CVE-2016-4059 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. | ||||
| CVE-2016-4062 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | ||||
| CVE-2013-0107 | 1 Foxitsoftware | 1 Foxit Advanced Pdf Editor | 2025-04-11 | N/A |
| Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers to execute arbitrary code via a crafted document containing instructions that reconstruct a certain security cookie. | ||||
| CVE-2011-3691 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory. | ||||
| CVE-2011-1908 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-11 | N/A |
| Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document. | ||||