Foxit

Reader

50 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 08.07.2026 07:36:36
  • Zuletzt bearbeitet 09.07.2026 13:14:33

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application ...

  • EPSS 0.12%
  • Veröffentlicht 08.07.2026 07:36:34
  • Zuletzt bearbeitet 09.07.2026 13:19:07

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application.

  • EPSS 0.13%
  • Veröffentlicht 08.07.2026 07:36:31
  • Zuletzt bearbeitet 09.07.2026 14:22:30

When the application opens a PDF file and JavaScript deletes the PDF fields, the subsequent logic still uses the old field pointers, resulting in invalid pointer references and causing the application to crash.

  • EPSS 0.12%
  • Veröffentlicht 08.07.2026 07:36:22
  • Zuletzt bearbeitet 09.07.2026 13:14:08

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. E...

  • EPSS 0.12%
  • Veröffentlicht 08.07.2026 07:36:15
  • Zuletzt bearbeitet 09.07.2026 13:00:26

The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the applic...

Medienbericht
  • EPSS 0.1%
  • Veröffentlicht 27.04.2026 11:00:38
  • Zuletzt bearbeitet 29.04.2026 17:29:29

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.

  • EPSS 0.11%
  • Veröffentlicht 27.04.2026 11:00:29
  • Zuletzt bearbeitet 29.04.2026 17:28:10

A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.

  • EPSS 0.1%
  • Veröffentlicht 01.04.2026 01:40:35
  • Zuletzt bearbeitet 14.04.2026 17:55:57

The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without ...

  • EPSS 0.12%
  • Veröffentlicht 01.04.2026 01:40:33
  • Zuletzt bearbeitet 28.04.2026 14:14:57

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and ...

  • EPSS 0.1%
  • Veröffentlicht 01.04.2026 01:40:31
  • Zuletzt bearbeitet 14.04.2026 17:50:53

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep tr...