) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:foxitsoftware:foxit_reader:6.1.4
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-4063 |
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via an object with a revision number of -1 in a PDF document. Published: April 22, 2016; 11:59:04 AM -0400 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-4062 |
Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service (application hang) via a crafted PDF. Published: April 22, 2016; 11:59:03 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-4061 |
Foxit Reader and PhantomPDF before 7.3.4 on Windows allow remote attackers to cause a denial of service (application crash) via a crafted content stream. Published: April 22, 2016; 11:59:02 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2016-4060 |
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Published: April 22, 2016; 11:59:01 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2016-4059 |
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document. Published: April 22, 2016; 11:59:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2015-8843 |
The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption. Published: April 13, 2016; 11:59:10 AM -0400 |
V3.0: 7.4 HIGH V2.0: 6.9 MEDIUM |
| CVE-2015-8580 |
Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document. Published: December 16, 2015; 4:59:12 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2015-3633 |
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures. Published: May 01, 2015; 11:59:12 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2015-3632 |
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file. Published: May 01, 2015; 11:59:10 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-2790 |
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. Published: March 30, 2015; 10:59:10 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-2789 |
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. Published: March 30, 2015; 10:59:09 AM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |