Foxit Software Pdf Reader
By the Year
In 2024 there have been 0 vulnerabilities in Foxit Software Pdf Reader . Pdf Reader did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 8 | 8.48 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 8.80 |
It may take a day or so for new Pdf Reader vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Foxit Software Pdf Reader Security Vulnerabilities
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1
CVE-2021-38563
9.8 - Critical
- August 11, 2021
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It mishandles situations in which an array size (derived from a /Size entry) is smaller than the maximum indirect object number, and thus there is an attempted incorrect array access (leading to a NULL pointer dereference, or out-of-bounds read or write).
out-of-bounds array index
An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS
CVE-2021-38567
7.5 - High
- August 11, 2021
An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204.
NULL Pointer Dereference
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1
CVE-2021-38566
7.5 - High
- August 11, 2021
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.
Stack Exhaustion
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1
CVE-2021-38565
7.5 - High
- August 11, 2021
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows writing to arbitrary files via submitForm.
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1
CVE-2021-38564
9.1 - Critical
- August 11, 2021
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand.
Out-of-bounds Read
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 11.0.0.49893
CVE-2021-21893
8.8 - High
- August 05, 2021
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Dangling pointer
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 10.1.4.37651
CVE-2021-21870
8.8 - High
- August 05, 2021
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the browser plugin extension is enabled.
Dangling pointer
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 10.1.3.37598
CVE-2021-21831
8.8 - High
- August 05, 2021
A use-after-free vulnerability exists in the JavaScript engine of Foxit Softwares PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Dangling pointer
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049
CVE-2018-3850
8.8 - High
- April 23, 2018
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If a browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
Dangling pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Foxit Pdf Reader or by Foxit Software? Click the Watch button to subscribe.
