Vulnerabilities > Foxitsoftware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-05 | CVE-2017-8059 | Improper Certificate Validation vulnerability in Foxitsoftware Foxit PDF 5.2.1/5.3.2 Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information (username/password), in addition to the static authentication token if the user is already logged in. | 8.1 |
| 2017-05-03 | CVE-2017-8455 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 7.8 |
| 2017-05-03 | CVE-2017-8454 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 8.8 |
| 2017-05-03 | CVE-2017-8453 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 8.8 |
| 2017-04-07 | CVE-2017-7584 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit PDF Toolkit 1.3/2.0 Memory Corruption Vulnerability in Foxit PDF Toolkit before 2.1 allows an attacker to cause Denial of Service & Remote Code Execution when a victim opens a specially crafted PDF file. | 7.8 |
| 2017-04-04 | CVE-2016-3740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader 7.3.4.311 Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. | 7.8 |
| 2017-01-23 | CVE-2017-5556 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | 8.1 |
| 2017-01-13 | CVE-2017-5364 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit PDF Toolkit 1.3 Memory Corruption Vulnerability in Foxit PDF Toolkit v1.3 allows an attacker to cause Denial of Service and Remote Code Execution when the victim opens the specially crafted PDF file. | 7.8 |
| 2016-10-31 | CVE-2016-8878 | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return value starting at FOXITREADER." | 8.8 |
| 2016-10-31 | CVE-2016-8877 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf and Reader Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue. | 8.8 |