ReportizFlow
Filtered by vendor Foxitsoftware
Subscriptions
Total
803 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8879 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| The thumbnail shell extension plugin (FoxitThumbnailHndlr_x86.dll) in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap Corruption" issue. | ||||
| CVE-2015-2789 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-12 | N/A |
| Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. | ||||
| CVE-2016-4059 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. | ||||
| CVE-2014-4646 | 1 Foxitsoftware | 1 Foxit Pdf Sdk Dll | 2025-04-12 | N/A |
| Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-8875 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| The ConvertToPDF plugin in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image, aka "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at ConvertToPDF_x86!CreateFXPDFConvertor." | ||||
| CVE-2016-8877 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| Heap buffer overflow (Out-of-Bounds write) vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue. | ||||
| CVE-2014-8074 | 1 Foxitsoftware | 1 Foxit Pdf Sdk Activex | 2025-04-12 | N/A |
| Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long string, related to global variables. | ||||
| CVE-2015-3632 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file. | ||||
| CVE-2015-8580 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document. | ||||
| CVE-2016-4063 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. | ||||
| CVE-2016-4062 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. | ||||
| CVE-2016-8856 | 1 Foxitsoftware | 1 Reader | 2025-04-12 | N/A |
| Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier suffered from a vulnerability where weak file permissions could be exploited by attackers to execute arbitrary code. After the installation, Foxit Reader's core files were world-writable by default, allowing an attacker to overwrite them with backdoor code, which when executed by privileged user would result in Privilege Escalation, Code Execution, or both. | ||||
| CVE-2015-3633 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. | ||||
| CVE-2015-8843 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-12 | N/A |
| The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption. | ||||
| CVE-2016-8876 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2025-04-12 | N/A |
| Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader." | ||||
| CVE-2015-2790 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2025-04-12 | N/A |
| Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. | ||||
| CVE-2012-4759 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-11 | N/A |
| Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-1908 | 1 Foxitsoftware | 1 Foxit Reader | 2025-04-11 | N/A |
| Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document. | ||||
| CVE-2012-4337 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Windows 7, Windows Xp | 2025-04-11 | N/A |
| Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references. | ||||
| CVE-2013-0107 | 1 Foxitsoftware | 1 Foxit Advanced Pdf Editor | 2025-04-11 | N/A |
| Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers to execute arbitrary code via a crafted document containing instructions that reconstruct a certain security cookie. | ||||