Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Reader
(Foxitsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 259 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-04 | CVE-2019-20836 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20835 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20830 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20829 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference via FXSYS_wcslen in an Epub file. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20828 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because a looping correction does not occur after JavaScript updates Field APs. | Phantompdf, Reader | N/A | ||
| 2020-06-04 | CVE-2019-20817 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference. | Phantompdf, Reader | N/A | ||
| 2020-04-22 | CVE-2020-10912 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the SetFieldValue command of the communication API. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker... | Phantompdf, Reader | N/A | ||
| 2020-04-22 | CVE-2020-10911 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the GetFieldValue command of the communication API. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker... | Phantompdf, Reader | N/A | ||
| 2020-04-22 | CVE-2020-10910 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the RotatePage command of the communication API. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can... | Phantompdf, Reader | N/A | ||
| 2020-04-22 | CVE-2020-10909 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the AddWatermark command of the communication API. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker... | Phantompdf, Reader | N/A |