Vulnerabilities > Foxitsoftware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-17610 | Use After Free vulnerability in Foxitsoftware Phantompdf and Reader Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. | 7.5 |
| 2018-09-28 | CVE-2018-17609 | Use After Free vulnerability in Foxitsoftware Phantompdf and Reader Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. | 7.5 |
| 2018-09-28 | CVE-2018-17608 | Use After Free vulnerability in Foxitsoftware Phantompdf and Reader Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. | 7.5 |
| 2018-09-28 | CVE-2018-17607 | Use After Free vulnerability in Foxitsoftware Phantompdf and Reader Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. | 7.5 |
| 2018-08-01 | CVE-2018-3939 | Use After Free vulnerability in Foxitsoftware Foxit Reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. | 8.8 |
| 2018-07-20 | CVE-2018-14442 | Use After Free vulnerability in Foxitsoftware Foxit Reader and Phantompdf Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs. | 7.5 |
| 2018-06-04 | CVE-2018-3853 | Use After Free vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. | 8.8 |
| 2018-04-19 | CVE-2018-3843 | Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. | 8.8 |
| 2018-04-19 | CVE-2018-3842 | Access of Uninitialized Pointer vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. | 8.8 |
| 2017-05-05 | CVE-2017-8059 | Improper Certificate Validation vulnerability in Foxitsoftware Foxit PDF 5.2.1/5.3.2 Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | 8.1 |