Multiple vulnerabilities in Foxit Reader

Description

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. Code execution vulnerability can be exploited via special crafted file to execute arbitrary code.
2. Use after free vulnerability can be exploited remotely to cause denial of service, obtain sensitive information or execute arbitrary code.
3. Use after free vulnerability can be exploited to cause denial of service, obtain sensitive information or execute arbitrary code.
4. Use after free vulnerability can be exploited remotely to obtain sensitive information or execute arbitrary code.
5. Out of bounds read vulnerability can be exploited via special PDF files to obtain sensitive information.
6. Heap-based buffer overflow vulnerability can be exploited remotely to execute arbitrary code and cause denial of service.
7. Information disclosure vulnerability can be exploited to obtain sensitive information.

Original advisories

• Foxit Security Bulletins

Exploitation

Public exploits exist for this vulnerability.

Related products

• Foxit-Reader

CVE list

• CVE-2021-40326
  high
• CVE-2021-41785
  critical
• CVE-2021-41783
  critical
• CVE-2021-41780
  critical
• CVE-2021-41781
  critical
• CVE-2021-41782
  critical
• CVE-2021-41784
  critical
• CVE-2021-34952
  critical
• CVE-2021-34962
  critical
• CVE-2021-34950
  critical
• CVE-2021-34958
  critical
• CVE-2021-34957
  critical
• CVE-2021-34963
  critical
• CVE-2021-34948
  critical
• CVE-2021-34960
  critical
• CVE-2021-34973
  warning
• CVE-2021-34951
  warning
• CVE-2021-34956
  critical
• CVE-2021-34967
  critical
• CVE-2021-34971
  critical
• CVE-2021-34975
  critical
• CVE-2021-34953
  critical
• CVE-2021-34976
  warning
• CVE-2021-34959
  critical
• CVE-2021-34955
  critical
• CVE-2021-34966
  critical
• CVE-2021-34965
  critical
• CVE-2021-34970
  warning
• CVE-2021-34968
  critical
• CVE-2021-34974
  critical
• CVE-2021-34972
  warning
• CVE-2021-34949
  warning
• CVE-2021-34961
  critical
• CVE-2021-34954
  critical
• CVE-2021-34964
  critical
• CVE-2021-34969
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com