Filtered by vendor Foxitsoftware
Subscribe
Total
797 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-2790 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2024-02-28 | 4.3 MEDIUM | N/A |
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. | |||||
CVE-2015-3633 | 1 Foxitsoftware | 3 Enterprise Reader, Foxit Reader, Phantompdf | 2024-02-28 | 5.0 MEDIUM | N/A |
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. | |||||
CVE-2012-4759 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2013-0107 | 1 Foxitsoftware | 1 Foxit Advanced Pdf Editor | 2024-02-28 | 7.6 HIGH | N/A |
Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers to execute arbitrary code via a crafted document containing instructions that reconstruct a certain security cookie. | |||||
CVE-2012-4337 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Windows 7, Windows Xp | 2024-02-28 | 9.3 HIGH | N/A |
Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references. | |||||
CVE-2011-0332 | 1 Foxitsoftware | 2 Foxit Phantom, Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow. | |||||
CVE-2010-1239 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836. | |||||
CVE-2011-1908 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document. | |||||
CVE-2011-3691 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory. | |||||
CVE-2009-0836 | 1 Foxitsoftware | 1 Reader | 2024-02-28 | 10.0 HIGH | N/A |
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. | |||||
CVE-2008-1104 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. | |||||
CVE-2008-7031 | 1 Foxitsoftware | 1 Wac Server | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | |||||
CVE-2008-7225 | 1 Foxitsoftware | 1 Wac Server | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | |||||
CVE-2009-0691 | 1 Foxitsoftware | 2 Foxit Reader, Jpeg2000 Jbig2 Decoder Add-on | 2024-02-28 | 9.3 HIGH | N/A |
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an invalid memory access. | |||||
CVE-2009-0191 | 1 Foxitsoftware | 1 Foxit Reader | 2024-02-28 | 9.3 HIGH | N/A |
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. | |||||
CVE-2009-0690 | 1 Foxitsoftware | 2 Foxit Reader, Jpeg2000\/jbig2 Decoder Add-on | 2024-02-28 | 9.3 HIGH | N/A |
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. | |||||
CVE-2008-0151 | 1 Foxitsoftware | 1 Wac Server | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with long options. |