Description
Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Out of bounds read vulnerability in AcroForm can be exploited to obtain sensitive information.
- Use after free vulnerability in JavaScript engine can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
- Type confusion vulnerability in Javascript checkThisBox method can be exploited to cause denial of service and execute arbitrary code.
- Use after free vulnerability in AcroForm Doc Object can be exploited to execute arbitrary code.
- Out of bounds read vulnerability in AcroForm signature can be exploited to execute arbitrary code.
- Out of bounds read vulnerability in PDF File Parsing can be exploited to obtain sensitive information.
- Out of bounds write vulnerability in AcroForm Doc Object can be exploited to execute arbitrary code.
- Use after free vulnerability in Annotation can be exploited to obtain sensitive information.
- Use after free vulnerability in XFA Annotation can be exploited to execute arbitrary code.
- Out of bounds read vulnerability in Doc Object can be exploited to obtain sensitive information.
- Out of bounds read vulnerability in AcroForm Doc Object can be exploited to obtain sensitive information.
Original advisories
Related products
CVE list
- CVE-2023-38115 unknown
- CVE-2023-28744 critical
- CVE-2023-38111 unknown
- CVE-2023-32664 critical
- CVE-2023-33866 critical
- CVE-2023-38117 unknown
- CVE-2023-33876 critical
- CVE-2023-38119 unknown
- CVE-2023-38106 unknown
- CVE-2023-38118 unknown
- CVE-2023-38113 unknown
- CVE-2023-38114 unknown
- CVE-2023-27379 critical
- CVE-2023-38112 unknown
- CVE-2023-38116 unknown
- CVE-2023-38105 unknown
- CVE-2023-38110 unknown
- CVE-2023-38108 unknown
- CVE-2023-38109 unknown
- CVE-2023-38107 unknown
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!