KLA20101
Multiple vulnerabilities in Foxit PDF Reader

Updated: 09/29/2023
Detect date
?
11/08/2022
Severity
?
High
Description

Multiple vulnerabilities were found in Foxit PDF Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Use after free vulnerability in U3D File Parsing can be exploited to cause denial of service or execute arbitrary code.
  2. Out of bounds read vulnerability in PDF File Parsing can be exploited to obtain sensitive information.
  3. Use after free vulnerability in U3D File Parsing can be exploited to obtain sensitive information.
Affected products

Foxit PDF Reader earlier than 12.0.2

Solution

Update to the latest version
Download Foxit Reader

Original advisories

Security updates available in Foxit PDF Reader 12.0.2 and Foxit PDF Editor 12.0.2

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]
Related products
Foxit Reader
Foxit Reader Enterprise
CVE-IDS
?
CVE-2022-436385.0Warning
CVE-2022-436405.0Warning
CVE-2022-436395.0Warning
CVE-2022-436375.0Warning
CVE-2022-436415.0Warning
Find out the statistics of the vulnerabilities spreading in your region