Foxitsoftware

Foxit Reader

377 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2020-28203

  • EPSS 0.02%
  • Published 15.12.2020 13:15:12
  • Last modified 21.11.2024 05:22:28

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).

7.8

CVE-2020-14425

Exploit
  • EPSS 29.41%
  • Published 02.11.2020 21:15:24
  • Last modified 21.11.2024 05:03:14

Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.

7.8

CVE-2020-17414

  • EPSS 0.07%
  • Published 13.10.2020 17:15:14
  • Last modified 21.11.2024 05:08:03

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerabil...

7.8

CVE-2020-17415

  • EPSS 0.07%
  • Published 13.10.2020 17:15:14
  • Last modified 21.11.2024 05:08:03

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulner...

7.8

CVE-2020-17416

  • EPSS 2.34%
  • Published 13.10.2020 17:15:14
  • Last modified 21.11.2024 05:08:03

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

7.8

CVE-2020-17417

  • EPSS 3.07%
  • Published 13.10.2020 17:15:14
  • Last modified 21.11.2024 05:08:03

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

7.8

CVE-2020-17410

  • EPSS 1.96%
  • Published 13.10.2020 17:15:13
  • Last modified 21.11.2024 05:08:02

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic...

9.8

CVE-2020-26534

  • EPSS 0.03%
  • Published 02.10.2020 08:15:12
  • Last modified 21.11.2024 05:20:01

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is an Opt object use-after-free related to Field::ClearItems and Field::DeleteOptions, during AcroForm JavaScript execution.

9.8

CVE-2020-26535

  • EPSS 0.02%
  • Published 02.10.2020 08:15:12
  • Last modified 21.11.2024 05:20:01

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violatio...

5.5

CVE-2020-26536

  • EPSS 0.04%
  • Published 02.10.2020 08:15:12
  • Last modified 21.11.2024 05:20:01

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document.