Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foxit vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-27517
Foxit PDF SDK For Web up to and including 7.5.0 allows XSS. There is arbitrary JavaScript code execution in the browser if a victim uploads a malicious PDF document containing embedded JavaScript code that abuses app.alert (in the Acrobat JavaScript API).
Foxit Phantompdf
Foxit Reader
9.3
CVSSv2
CVE-2008-1104
Stack-based buffer overflow in Foxit Reader prior to 2.3 build 2912 allows user-assisted remote malicious users to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings.
Foxitsoftware Foxit Reader
Foxitsoftware Foxit Reader 2.2
Foxitsoftware Foxit Reader 2.0
9.3
CVSSv2
CVE-2009-0191
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote malicious users to execute arbitrary code via a crafted PDF file that triggers a dereferenc...
Foxitsoftware Foxit Reader 3.0.2009.1301
Foxitsoftware Foxit Reader 2.3
Foxitsoftware Foxit Reader 3.0
4.3
CVSSv2
CVE-2022-27359
Foxit PDF Reader prior to 12.0.1 and PDF Editor prior to 12.0.1 allow a this.maildoc NULL pointer dereference.
Foxit Pdf Reader
Foxit Pdf Editor
NA
CVE-2022-43649
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific ...
Foxit Pdf Reader
Foxit Pdf Editor
NA
CVE-2022-47881
Foxit PDF Reader and PDF Editor 11.2.1.53537 and previous versions has an Out-of-Bounds Read vulnerability.
Foxit Pdf Reader
Foxit Pdf Editor
6.8
CVSSv2
CVE-2014-8074
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 up to and including 5.0.1820 prior to 5.0.2.924 allows remote malicious users to execute arbitrary code via a long string, related to global variables.
Foxitsoftware Foxit Pdf Sdk Activex 2.3
Foxitsoftware Foxit Pdf Sdk Activex 3.0
Foxitsoftware Foxit Pdf Sdk Activex 4.0
Foxitsoftware Foxit Pdf Sdk Activex 5.0.0
Foxitsoftware Foxit Pdf Sdk Activex 5.0.1.820
4.3
CVSSv2
CVE-2017-8059
Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" prior to 5.4 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept login information (username/password), in addition to...
Foxitsoftware Foxit Pdf 5.3.2
Foxitsoftware Foxit Pdf 5.2.1
10
CVSSv2
CVE-2009-0837
Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote malicious users to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a...
Foxit Reader3.0
2 EDB exploits
NA
CVE-2022-28680
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific ...
Foxit Pdf Editor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »