Foxitsoftware

Reader

259 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2018-20316

  • EPSS 0.03%
  • Published 07.01.2021 18:15:12
  • Last modified 21.11.2024 04:01:13

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

8.1

CVE-2018-20309

  • EPSS 0.03%
  • Published 07.01.2021 17:15:12
  • Last modified 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20310

  • EPSS 0.03%
  • Published 07.01.2021 17:15:12
  • Last modified 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20311

  • EPSS 0.03%
  • Published 07.01.2021 17:15:12
  • Last modified 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

8.1

CVE-2018-20312

  • EPSS 0.03%
  • Published 07.01.2021 17:15:12
  • Last modified 21.11.2024 04:01:12

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

8.1

CVE-2020-11493

  • EPSS 0.08%
  • Published 04.09.2020 04:15:11
  • Last modified 21.11.2024 04:58:00

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.

7.1

CVE-2020-12247

  • EPSS 0.13%
  • Published 04.09.2020 04:15:11
  • Last modified 21.11.2024 04:59:22

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may als...

8.8

CVE-2020-12248

  • EPSS 0.53%
  • Published 04.09.2020 04:15:11
  • Last modified 21.11.2024 04:59:22

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.

4.3

CVE-2020-15637

  • EPSS 0.9%
  • Published 20.08.2020 01:17:13
  • Last modified 21.11.2024 05:05:55

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...

7.8

CVE-2020-15638

  • EPSS 0.37%
  • Published 20.08.2020 01:17:13
  • Last modified 21.11.2024 05:05:55

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malici...