Modified
Foxit PDF Reader Is Designed To Meet The PDF Viewing Needs Of Enterprise And Government Organizations. Foxit PDF Reader Contains Numerous PDF Customization Options Making It An Easy To Deploy PDF Reader That Meets Most Organizations' Business Objectives, Adherence To ISO32000 Standards And PDF Viewing Requirements. The version of Foxit Reader installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially execute arbitrary code. Foxit Reader is a software specially designed to work with PDF documents, similar in capabilities to Adobe Reader, but with the advantage of taking up less disk space and using less RAM. It is very fast, opens documents almost instantly and allows you to navigate through all of its pages with total fluidity. Users: 702: Computers: 55: Different versions: 19: Total Keys: 1,933,789: Total Clicks: 1,603,157: Total Usage: 49 weeks, 4 days, 15 hours, 17 minutes, 3 seconds. Users: 702: Computers: 55: Different versions: 19: Total Keys: 1,933,789: Total Clicks: 1,603,157: Total Usage: 49 weeks, 4 days, 15 hours, 17 minutes, 3 seconds.
This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Current Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the picture elements within XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5216.
Analysis Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the picture elements within XFA forms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5216.
Severity
CVSS 3.x Severity and Metrics:
Weakness Enumeration
| CWE-ID | CWE Name | Source |
|---|---|---|
| CWE-704 | Incorrect Type Conversion or Cast | NIST |
| CWE-843 | Access of Resource Using Incompatible Type ('Type Confusion') | Zero Day Initiative |
Known Affected Software Configurations Switch to CPE 2.2
Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.
Change History
2 change records found show changesThis vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
Current Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Macbook pro camera privacy. The specific flaw exists within the addAnnot method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe pdf viewer free download windows 10. Was ZDI-CAN-5295.
Analysis Description
Descargar adobe acrobat reader apk. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. http://zkxcmj.xtgem.com/Blog/__xtblog_entry/19180072-smooze-1-5-4-rediscover-your-mouse-pad#xt_blog. The specific flaw exists within the addAnnot method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5295.
Foxit Reader 832 Software
Severity
CVSS 3.x Severity and Metrics:Foxit Reader 832 Download
Weakness Enumeration
| CWE-ID | CWE Name | Source |
|---|---|---|
| CWE-416 | Use After Free | NIST Zero Day Initiative |
Foxit Reader 32 Bit Download
Known Affected Software Configurations Switch to CPE 2.2
Foxit Reader 832 Reader
Foxitreader832_l10n_setup.exe
Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.
Fl studio mobile vst plugins free download.
Change History
2 change records found show changes