Foxit Software


Products by Foxit Software Sorted by Most Security Vulnerabilities since 2018

Foxit Software Phantompdf: 173 vulnerabilities

Foxit Software Foxit Reader: 130 vulnerabilities

Foxit Software Reader: 50 vulnerabilities

Foxit Software Pdf Reader: 9 vulnerabilities

Foxit Software U3d: 9 vulnerabilities

Foxit Software Pdf Editor: 5 vulnerabilities

By the Year

In 2024 there have been 0 vulnerabilities in Foxit Software. Last year Foxit Software had 6 security vulnerabilities published. Right now, Foxit Software is on track to have fewer security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 6 8.80
2022 1 7.80
2021 29 8.48
2020 61 7.88
2019 8 7.68
2018 117 8.09

It may take a day or so for new Foxit Software vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Foxit Software Security Vulnerabilities

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations

CVE-2023-32616 8.8 - High - November 27, 2023

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Dangling pointer

An arbitrary file creation vulnerability exists in the JavaScript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension

CVE-2023-35985 8.8 - High - November 27, 2023

An arbitrary file creation vulnerability exists in the JavaScript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Externally Controlled Reference to a Resource in Another Sphere

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field

CVE-2023-38573 8.8 - High - November 27, 2023

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Dangling pointer

A code execution vulnerability exists in the JavaScript saveAs API of Foxit Reader 12.1.3.15356

CVE-2023-39542 8.8 - High - November 27, 2023

A code execution vulnerability exists in the JavaScript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Externally Controlled Reference to a Resource in Another Sphere

An arbitrary file creation vulnerability exists in the JavaScript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters

CVE-2023-40194 8.8 - High - November 27, 2023

An arbitrary file creation vulnerability exists in the JavaScript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Externally Controlled Reference to a Resource in Another Sphere

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties

CVE-2023-41257 8.8 - High - November 27, 2023

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. Specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Object Type Confusion

An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569

CVE-2022-43310 7.8 - High - November 09, 2022

An Uncontrolled Search Path Element in Foxit Software released Foxit Reader v11.2.118.51569 allows attackers to escalate privileges when searching for DLL libraries without specifying an absolute path.

DLL preloading

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1

CVE-2021-38564 9.1 - Critical - August 11, 2021

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand.

Out-of-bounds Read

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1

CVE-2021-38565 7.5 - High - August 11, 2021

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows writing to arbitrary files via submitForm.

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1

CVE-2021-38566 7.5 - High - August 11, 2021

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.

Stack Exhaustion

An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS

CVE-2021-38567 7.5 - High - August 11, 2021

An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204.

NULL Pointer Dereference

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1

CVE-2021-38563 9.8 - Critical - August 11, 2021

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size (derived from a /Size entry) is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access (leading to a NULL pointer dereference, or out-of-bounds read or write).

out-of-bounds array index

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38568 9.8 - Critical - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format.

Memory Corruption

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38569 7.5 - High - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.

Stack Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38573 9.8 - Critical - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated.

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38574 9.8 - Critical - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.

SQL Injection

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38570 9.1 - Critical - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink.

insecure temporary file

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

CVE-2021-38572 9.8 - Critical - August 11, 2021

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated.

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4

CVE-2021-33794 9.1 - Critical - August 11, 2021

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction.

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write

CVE-2021-33793 9.8 - Critical - August 11, 2021

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.

Memory Corruption

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.3.37598

CVE-2021-21831 8.8 - High - August 05, 2021

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Dangling pointer

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.4.37651

CVE-2021-21870 8.8 - High - August 05, 2021

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the browser plugin extension is enabled.

Dangling pointer

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 11.0.0.49893

CVE-2021-21893 8.8 - High - August 05, 2021

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Dangling pointer

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write

CVE-2021-33792 7.8 - High - July 09, 2021

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary.

Memory Corruption

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures

CVE-2021-33795 5.5 - Medium - July 09, 2021

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.

Improper Handling of Exceptional Conditions

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.3.37598

CVE-2021-21822 8.8 - High - May 10, 2021

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the browser plugin extension is enabled.

Dangling pointer

In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously freed memory

CVE-2020-13548 8.8 - High - February 10, 2021

In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922

CVE-2020-17426 7.8 - High - February 09, 2021

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11230.

Buffer Overflow

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition

CVE-2018-20313 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition

CVE-2018-20314 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a race condition

CVE-2018-20315 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Race Condition

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition

CVE-2018-20316 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition

CVE-2018-20309 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition

CVE-2018-20310 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition

CVE-2018-20311 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.

Memory Corruption

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition

CVE-2018-20312 8.1 - High - January 07, 2021

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.

Memory Corruption

A type confusion vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527

CVE-2020-13547 8.8 - High - December 22, 2020

A type confusion vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Memory Corruption

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.0.37527

CVE-2020-13570 8.8 - High - December 22, 2020

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

A use after free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527

CVE-2020-13560 8.8 - High - December 22, 2020

A use after free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

A use after free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527

CVE-2020-13557 8.8 - High - December 22, 2020

A use after free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier

CVE-2020-28203 5.5 - Medium - December 15, 2020

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial of service).

NULL Pointer Dereference

Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavaScript API

CVE-2020-14425 7.8 - High - November 02, 2020

Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavaScript API. An attacker can execute local files and bypass the security dialog.

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26539 9.8 - Critical - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use-after-free can occur with resultant remote code execution (or an information leak).

Dangling pointer

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26538 7.8 - High - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. It allows attackers to execute arbitrary code via a Trojan horse taskkill.exe in the current working directory.

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26537 9.8 - Critical - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a color space. This causes an out-of-bounds write.

Memory Corruption

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26536 5.5 - Medium - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is a NULL pointer dereference via a crafted PDF document.

NULL Pointer Dereference

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26535 9.8 - Critical - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation).

Memory Corruption

An issue was discovered in Foxit Reader and PhantomPDF before 10.1

CVE-2020-26534 9.8 - Critical - October 02, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is an Opt object use-after-free related to Field::ClearItems and Field::DeleteOptions, during AcroForm JavaScript execution.

Dangling pointer

An issue was discovered in Foxit PhantomPDF before 8.3.10

CVE-2019-20833 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive.

Insufficiently Protected Credentials

An issue was discovered in Foxit Reader before 2.4.4

CVE-2018-21236 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader before 2.4.4. It has a NULL pointer dereference.

NULL Pointer Dereference

An issue was discovered in Foxit PhantomPDF before 8.3.7

CVE-2018-21237 5.3 - Medium - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows NTLM credential theft via a GoToE or GoToR action.

Insufficiently Protected Credentials

An issue was discovered in Foxit PhantomPDF before 8.3.7

CVE-2018-21238 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.7. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.2

CVE-2018-21239 5.3 - Medium - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows NTLM credential theft via a GoToE or GoToR action.

Insufficiently Protected Credentials

An issue was discovered in Foxit Reader and PhantomPDF before 9.2

CVE-2018-21240 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.2. It allows memory consumption via an ArrayBuffer(0xfffffffe) call.

Resource Exhaustion

An issue was discovered in Foxit PhantomPDF before 8.3.6

CVE-2018-21241 7.8 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has an untrusted search path that allows a DLL to execute remote code.

Untrusted Path

An issue was discovered in Foxit PhantomPDF before 8.3.6

CVE-2018-21242 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows Remote Code Execution via a GoToE or GoToR action.

Information Disclosure

An issue was discovered in Foxit PhantomPDF before 8.3.6

CVE-2018-21243 6.5 - Medium - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used.

Unrestricted File Upload

An issue was discovered in Foxit PhantomPDF before 8.3.6

CVE-2018-21244 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.6. It allows arbitrary application execution via an embedded executable file in a PDF portfolio, aka FG-VD-18-029.

Unrestricted File Upload

An issue was discovered in Foxit PhantomPDF before 8.3.11

CVE-2019-20823 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.

Classic Buffer Overflow

An issue was discovered in Foxit PhantomPDF before 8.3.11

CVE-2019-20824 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.

NULL Pointer Dereference

An issue was discovered in Foxit PhantomPDF before 8.3.11

CVE-2019-20825 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used.

Memory Corruption

An issue was discovered in Foxit Reader and PhantomPDF before 9.6

CVE-2019-20829 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file.

NULL Pointer Dereference

An issue was discovered in Foxit Reader and PhantomPDF before 9.6

CVE-2019-20830 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used.

Memory Corruption

An issue was discovered in Foxit PhantomPDF before 8.3.10

CVE-2019-20832 4.3 - Medium - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling.

An issue was discovered in Foxit Reader and PhantomPDF before 9.5

CVE-2019-20837 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation bypass via a modified file or a file with non-standard signatures.

Improper Verification of Cryptographic Signature

An issue was discovered in Foxit Reader and PhantomPDF before 9.5

CVE-2019-20836 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive.

Information Disclosure

An issue was discovered in Foxit Reader and PhantomPDF before 9.6

CVE-2019-20828 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs.

Classic Buffer Overflow

An issue was discovered in Foxit Reader and PhantomPDF before 9.5

CVE-2019-20835 4.3 - Medium - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling.

An issue was discovered in Foxit PhantomPDF before 8.3.10

CVE-2019-20834 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via a modified file or a file with non-standard signatures.

Improper Verification of Cryptographic Signature

An issue was discovered in Foxit Reader and PhantomPDF before 9.7

CVE-2019-20820 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference during the parsing of file data.

NULL Pointer Dereference

An issue was discovered in Foxit Reader and PhantomPDF before 9.7

CVE-2019-20819 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via nested function calls for XML parsing.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7

CVE-2019-20818 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7

CVE-2019-20817 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference.

NULL Pointer Dereference

An issue was discovered in Foxit PhantomPDF before 8.3.12

CVE-2019-20816 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference during the parsing of file data.

NULL Pointer Dereference

An issue was discovered in Foxit PhantomPDF before 8.3.12

CVE-2019-20815 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested function calls for XML parsing.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1

CVE-2020-13815 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It allows stack consumption via a loop of an indirect object reference.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1

CVE-2020-13814 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. It has a use-after-free via a document that lacks a dictionary.

Dangling pointer

An issue was discovered in Foxit Studio Photo before 3.6.6.922

CVE-2020-13813 7.8 - High - June 04, 2020

An issue was discovered in Foxit Studio Photo before 3.6.6.922. It allows local users to gain privileges via a crafted DLL in the current working directory when FoxitStudioPhoto366_3.6.6.916.exe is used.

Untrusted Path

An issue was discovered in Foxit Studio Photo before 3.6.6.922

CVE-2020-13812 7.8 - High - June 04, 2020

An issue was discovered in Foxit Studio Photo before 3.6.6.922. It allows local users to gain privileges via a crafted DLL in the current working directory.

Untrusted Path

An issue was discovered in Foxit Studio Photo before 3.6.6.922

CVE-2020-13811 7.8 - High - June 04, 2020

An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has an out-of-bounds write via a crafted TIFF file.

Memory Corruption

An issue was discovered in Foxit PhantomPDF before 8.3.12

CVE-2019-20814 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data is created for each page of an application level.

Resource Exhaustion

An issue was discovered in Foxit PhantomPDF before 8.3.12

CVE-2019-20813 7.5 - High - June 04, 2020

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.

NULL Pointer Dereference

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13810 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows signature validation bypass via a modified file or a file with non-standard signatures.

Improper Verification of Cryptographic Signature

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13809 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13808 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13807 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop.

Infinite Loop

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13806 7.5 - High - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation.

Resource Exhaustion

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13805 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.

Improper Restriction of Excessive Authentication Attempts

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2

CVE-2020-13804 9.8 - Critical - June 04, 2020

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.

Use of Hard-coded Credentials

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723

CVE-2019-13334 7.8 - High - February 08, 2020

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8774.

Memory Corruption

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723

CVE-2019-13333 7.8 - High - February 08, 2020

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8773.

Memory Corruption

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723

CVE-2019-17135 7.8 - High - February 08, 2020

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8775.

Buffer Overflow

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723

CVE-2019-17136 7.8 - High - February 08, 2020

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8776.

Out-of-bounds Read

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435

CVE-2019-5131 8.8 - High - January 16, 2020

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435

CVE-2019-5126 8.8 - High - January 16, 2020

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435

CVE-2019-5130 8.8 - High - January 16, 2020

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435

CVE-2019-5145 8.8 - High - January 16, 2020

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Dangling pointer

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114

CVE-2019-17140 8.8 - High - October 25, 2019

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the OnFocus event. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9091.

Dangling pointer

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114

CVE-2019-17142 8.8 - High - October 25, 2019

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of script within a Keystroke action of a listbox field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9081.

Dangling pointer

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114

CVE-2019-17141 8.8 - High - October 25, 2019

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of script within a Calculate action of a text field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9044.

Dangling pointer

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).