CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-9974 – Foxit Reader ConvertToPDF_x86 BMP Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9974
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ConvertToPDF_x86.dll. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.foxitsoftware.com/support/security-bulletins.php https://zerodayinitiative.com/advisories/ZDI-18-358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2018-9975 – Foxit Reader shift event Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9975
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of shift events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. • https://www.foxitsoftware.com/support/security-bulletins.php https://zerodayinitiative.com/advisories/ZDI-18-359 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-3842
https://notcve.org/view.php?id=CVE-2018-3842
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An attacker needs to trick the user to open a malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. Existe un uso explotable de un puntero no inicializado en el motor JavaScript en Foxit PDF Reader 9.0.1.1049. • http://www.securityfocus.com/bid/103942 http://www.securitytracker.com/id/1040733 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0525 • CWE-824: Access of Uninitialized Pointer •
CVSS: 8.8EPSS: 6%CPEs: 1EXPL: 1CVE-2018-3843
https://notcve.org/view.php?id=CVE-2018-3843
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, and possibly to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. Existe una vulnerabilidad explotable de confusión de tipos por la forma en la que Foxit PDF Reader 9.0.1.1049 analiza archivos con anotaciones de archivo asociadas. • http://www.securityfocus.com/bid/103942 http://www.securitytracker.com/id/1040733 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0526 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16813
https://notcve.org/view.php?id=CVE-2017-16813
A denial-of-service issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs when a user uploads a file that includes a hexadecimal Unicode character in the "filename" parameter via Wi-Fi, since the app could fail to parse this. Se ha descubierto un problema de denegación de servicio (DoS) en la aplicación Foxit MobilePDF en versiones anteriores a la 6.1. Esto ocurre cuando un usuario sube un archivo que incluye un carácter Unicode hexadecimal en el parámetro "filename" mediante Wi-Fi, ya que la aplicación podría no ser capaz de analizarlo. • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-20: Improper Input Validation •