Foxitsoftware

Reader

259 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2018-20316

  • EPSS 0.03%
  • Veröffentlicht 07.01.2021 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:01:13

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

8.1

CVE-2018-20309

  • EPSS 0.03%
  • Veröffentlicht 07.01.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20310

  • EPSS 0.03%
  • Veröffentlicht 07.01.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20311

  • EPSS 0.03%
  • Veröffentlicht 07.01.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20312

  • EPSS 0.03%
  • Veröffentlicht 07.01.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

8.1

CVE-2020-11493

  • EPSS 0.08%
  • Veröffentlicht 04.09.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:00

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.

7.1

CVE-2020-12247

  • EPSS 0.13%
  • Veröffentlicht 04.09.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:22

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may als...

8.8

CVE-2020-12248

  • EPSS 0.53%
  • Veröffentlicht 04.09.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:22

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.

4.3

CVE-2020-15637

  • EPSS 0.9%
  • Veröffentlicht 20.08.2020 01:17:13
  • Zuletzt bearbeitet 21.11.2024 05:05:55

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...

7.8

CVE-2020-15638

  • EPSS 0.37%
  • Veröffentlicht 20.08.2020 01:17:13
  • Zuletzt bearbeitet 21.11.2024 05:05:55

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malici...