KLA12317
Multiple vulnerabilities in Foxit Reader

Updated: 10/26/2021
Detect date
?
10/12/2021
Severity
?
Warning
Description

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Code execution vulnerability can be exploited via special crafted file to execute arbitrary code.
  2. Use after free vulnerability can be exploited remotely to cause denial of service, obtain sensitive information or execute arbitrary code.
  3. Use after free vulnerability can be exploited to cause denial of service, obtain sensitive information or execute arbitrary code.
  4. Use after free vulnerability can be exploited remotely to obtain sensitive information or execute arbitrary code.
  5. Out of bounds read vulnerability can be exploited via special PDF files to obtain sensitive information.
  6. Heap-based buffer overflow vulnerability can be exploited remotely to execute arbitrary code and cause denial of service.
  7. Information disclosure vulnerability can be exploited to obtain sensitive information.
Affected products

Foxit Reader earlier than 11.1

Solution

Update to the latest version
Download Foxit Reader

Original advisories

Foxit Security Bulletins

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]
Related products
Foxit Reader
Find out the statistics of the vulnerabilities spreading in your region