CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2018-9950 – Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-9950
20 Apr 2018 — This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction... • https://github.com/sharmasandeepkr/PS-2017-13---CVE-2018-9950 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2018-9951 – Foxit Reader CPDF_Object Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9951
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CPDF_Object objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under ... • https://github.com/sharmasandeepkr/cve-2018-9951 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9952 – Foxit Reader XFA Button formattedValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9952
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the formattedValue attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this v... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9953 – Foxit Reader XFA Button resolveNodes Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9953
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA resolveNodes method of Button elements. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute c... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9954 – Foxit Reader XFA Button y Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9954
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the y attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability ... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9955 – Foxit Reader XFA Button resolveNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9955
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA resolveNode method of Button elements. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute co... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9956 – Foxit Reader XFA Button title Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9956
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When setting the title attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerabil... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9957 – Foxit Reader XFA Button resetData Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9957
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed to the resetData method, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can lev... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9959 – Foxit Reader pageNum Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9959
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the pageNum document attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute co... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9960 – Foxit Reader Field textColor Setter Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-9960
20 Apr 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the textColor Field attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute cod... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •