RSS   Vulnerabilities for 'Pdf reader'   RSS

2018-04-23
 
CVE-2018-3850

CWE-416
 

 
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If a browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

 
 
CVE-2017-14458

CWE-416
 

 
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

 

 >>> Vendor: Foxitsoftware 19 Products
Wac server
Reader
Foxit reader
Jpeg2000/jbig2 decoder add-on
Jpeg2000 jbig2 decoder add-on
Phantom
Foxit advanced pdf editor
Foxit pdf sdk dll
Foxit pdf sdk activex
Foxit mobilepdf - pdf reader
Enterprise reader
Phantompdf
Foxit phantom
Foxit pdf toolkit
Foxit pdf
Foxit pdf compressor
Mobilepdf
Pdf reader
Phantom pdf


Copyright 2018, cxsecurity.com

 

Back to Top