CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17683 – Foxit Reader Doc createIcon Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17683
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the createIcon method of an app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to e... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17633 – Foxit Reader Annotation subject Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17633
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the subject property of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability ... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17698 – Foxit PhantomPDF richValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17698
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of a text field. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability ... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17643 – Foxit Reader XFA TimeField editValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17643
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the editValue property of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to ex... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17653 – Foxit Reader XFA TimeField resolveNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17653
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to ex... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17658 – Foxit Reader XFA host response Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17658
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the respose property of a host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to ex... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17689 – Foxit PhantomPDF fillColor Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17689
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the fillColor property of a radio button. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerabilit... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17677 – Foxit Reader mailDoc Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17677
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the mailDoc method of a app object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execu... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17640 – Foxit Reader XFA Form count Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17640
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the Form count property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in ... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17665 – Foxit Reader XFA host currentPage Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17665
11 Oct 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the currentPage property of a Host object. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability t... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •