CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31467 – Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31467
07 May 2021 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can levera... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31468 – Foxit Reader U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31468
07 May 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D files embedded in PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can levera... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31469 – Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31469
07 May 2021 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2021-31470 – Foxit Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31470
07 May 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31471 – Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31471
07 May 2021 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2021-31472 – Foxit Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31472
07 May 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vu... • https://www.foxitsoftware.com/support/security-bulletins.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2021-31433 – Foxit Studio Photo ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31433
26 Apr 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ARW files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability t... • https://www.foxitsoftware.com/support/security-bulletins.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2021-31434 – Foxit Studio Photo JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31434
26 Apr 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to exe... • https://www.foxitsoftware.com/support/security-bulletins.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31435 – Foxit Studio Photo CMP File Parsing Uninitialized Variable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31435
26 Apr 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CMP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.foxitsoftware.com/support/security-bulletins.html • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2021-31436 – Foxit Studio Photo SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31436
26 Apr 2021 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SGI files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code ... • https://www.foxitsoftware.com/support/security-bulletins.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •