Searching
..

Click anywhere to stop

KLA12530
Multiple vulnerabilities in Foxit Reader

Updated: 01/25/2024
Detect date
?
05/09/2022
Severity
?
Warning
Description

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
  2. Out of Bounds Read or Use After Free vulnerability in memory access to cause denial of service, execute arbitrary code or obtain sensitive information.
  3. Type Confusion vulnerability in the V8 JavaScript Engine can be exploited to cause denial of service.
  4. Out of Bounds Read vulnerability can be exploited to cause denial of service.
  5. Use After Free vulnerability can be exploited to cause denial of service and execute arbitrary code.
Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products

Foxit PDF Reader earlier than 11.2.2

Solution

Update to the latest version
Download Foxit Reader

Original advisories

Security updates available in Foxit PDF Reader 11.2.1 and Foxit PDF Editor 11.2.2

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]
Related products
Foxit Reader
Foxit Reader Enterprise
CVE-IDS
?
CVE-2022-256415.5High
CVE-2022-286797.8Critical
CVE-2022-286717.8Critical
CVE-2022-305577.5Critical
CVE-2022-286697.8Critical
CVE-2022-286767.8Critical
CVE-2022-286827.8Critical
CVE-2022-286747.8Critical
CVE-2022-286737.8Critical
CVE-2022-286816.1High
CVE-2022-286837.8Critical
CVE-2022-286727.8Critical
CVE-2022-286777.8Critical
CVE-2022-286757.8Critical
CVE-2022-286787.8Critical
CVE-2022-286707.8Critical
CVE-2022-286807.8Critical
Find out the statistics of the vulnerabilities spreading in your region