Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when handling malicious input. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when handling malicious input. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to obtain potentially sensitive information or execute arbitrary code on the target system.

The weakness exists when parsing or converting JPG files due to access violation on pointer. A remote attacker can trick the victim into opening a specially crafted JPG file, trigger out-of-bounds read/write and gain access to arbitrary data or execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion when calling addAdLayer function since the certain object in the function is replaced. A remote attacker can trick the victim into opening a specially crafted PDF file and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to write arbitrary file on the target system.

The weakness exists due to insufficient validation of the file type to be exported. A remote attacker can write arbitrary file when executing exportAsFDF or exportData JavaScript and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion when executing certain JavaScript functions since the application could transform non-XFA-node to XFA-node and use the discrepant XFA-node directly. A remote attacker can trick the victim into opening a specially crafted PDF file and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to the array object is transformed and used as dictionary object in the cases where inline image dictionary contains invalid dictionary end symbol and array start symbol. A remote attacker can trick the victim into opening a specially crafted PDF file, release inline image, add new array object and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to the application can expose credentials when executing GoToE & GoToR action. A remote attacker can obtain valid user's credentials.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when handling malicious input. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when handling malicious input. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion when the application parses “ColorSpace” within a PDF. A remote attacker can trick the victim into opening a specially crafted PDF file, replace the ICCBased color space with Pattern color space and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists due to improper handling of process when executing GetAssociatedPageIndex function. A remote attacker can obtain trigger out-of-bounds read, gain access to arbitrary data and cause the service to crash.

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to buffer overflow when executing var test = new ArrayBuffer(0xfffffffe) JavaScript. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and cause the application to crash.

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when handling malicious input. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.