Vulnerabilities > Foxitsoftware

DATE CVE VULNERABILITY TITLE RISK
2018-05-17 CVE-2018-10476 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935.
network
low complexity
foxitsoftware CWE-125
6.5
6.5
2018-05-17 CVE-2018-10475 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935.
network
low complexity
foxitsoftware CWE-125
6.5
6.5
2018-05-17 CVE-2018-10474 Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935.
network
low complexity
foxitsoftware CWE-787
8.8
8.8
2018-05-17 CVE-2018-10473 Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935.
network
low complexity
foxitsoftware CWE-787
8.8
8.8
2018-04-24 CVE-2017-17557 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Phantompdf
In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files.
network
low complexity
foxitsoftware CWE-119
8.8
8.8
2018-04-23 CVE-2018-10303 Use After Free vulnerability in Foxitsoftware Phantompdf
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2018-04-23 CVE-2018-10302 Use After Free vulnerability in Foxitsoftware Phantompdf
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.
local
low complexity
foxitsoftware CWE-416
7.8
7.8
2018-04-19 CVE-2018-3843 Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations.
network
low complexity
foxitsoftware CWE-704
8.8
8.8
2018-04-19 CVE-2018-3842 Access of Uninitialized Pointer vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049.
network
low complexity
foxitsoftware CWE-824
8.8
8.8
2018-02-26 CVE-2017-16814 Path Traversal vulnerability in Foxitsoftware Mobilepdf
A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS.
local
low complexity
foxitsoftware CWE-22
5.5
5.5