Description
Multiple vulnerabilities were found in Foxit PDF Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions, gain privileges.
Below is a complete list of vulnerabilities:
- Code execution vulnerability can be exploited remotely to execute arbitrary code.
- Use after free vulnerability in AcroForm can be exploited to execute arbitrary code.
- Use after free vulnerability in Doc Object can be exploited to execute arbitrary code.
- Out of bounds memory read vulnerability in Annotation can be exploited to obtain sensitive information.
- Out of bounds memory read vulnerability in template can be exploited to execute arbitrary code.
- Use after free vulnerability in File Parsing can be exploited to execute arbitrary code.
- Type confusion vulnerability in AcroForm Annotation can be exploited to execute arbitrary code.
- Use after free vulnerability in template can be exploited to execute arbitrary code.
- Use after free vulnerability in Annotation can be exploited to obtain sensitive information.
- Out of bounds memory read vulnerability in U3D File Parsing can be exploited to obtain sensitive information.
- Out of bounds memory read vulnerability in AcroForm Annotation can be exploited to obtain sensitive information.
- Out of bounds memory read vulnerability in Doc Object can be exploited to execute arbitrary code.
- Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
- Out of bounds memory write vulnerability in U3D File Parsing can be exploited to execute arbitrary code.
- Out of bounds memory read vulnerability in AcroForm 3D can be exploited to execute arbitrary code.
- Out of bounds memory read vulnerability in AcroForm can be exploited to execute arbitrary code.
- Out of bounds memory write vulnerability in U3D File Parsing can be exploited to execute arbitrary code.
- Out of bounds memory read vulnerability in AcroForm can be exploited to obtain sensitive information.
- Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
- Elevation of privilege vulnerability can be exploited remotely to gain privileges.
Original advisories
Related products
CVE list
- CVE-2024-25858 warning
- CVE-2024-30328 warning
- CVE-2024-30322 warning
- CVE-2024-30333 warning
- CVE-2024-30350 warning
- CVE-2024-30346 warning
- CVE-2024-30352 warning
- CVE-2024-30366 warning
- CVE-2024-30358 warning
- CVE-2024-30323 warning
- CVE-2024-30362 warning
- CVE-2024-30325 warning
- CVE-2024-30357 warning
- CVE-2024-30344 warning
- CVE-2024-30327 warning
- CVE-2024-30339 warning
- CVE-2024-30337 warning
- CVE-2024-30329 warning
- CVE-2024-30347 warning
- CVE-2024-30351 warning
- CVE-2024-30334 warning
- CVE-2024-30367 warning
- CVE-2024-30326 warning
- CVE-2024-30335 warning
- CVE-2024-30345 warning
- CVE-2024-30341 warning
- CVE-2024-30336 warning
- CVE-2024-30338 warning
- CVE-2024-30324 warning
- CVE-2024-30371 warning
- CVE-2024-30365 warning
- CVE-2024-30343 warning
- CVE-2024-30354 warning
- CVE-2024-30349 warning
- CVE-2024-30340 warning
- CVE-2024-30330 warning
- CVE-2024-30359 warning
- CVE-2024-30355 warning
- CVE-2024-30348 warning
- CVE-2024-30363 warning
- CVE-2024-30332 warning
- CVE-2024-30356 warning
- CVE-2024-30364 warning
- CVE-2024-30353 warning
- CVE-2024-30360 warning
- CVE-2024-30331 warning
- CVE-2024-30361 warning
- CVE-2024-30342 warning
- CVE-2024-32488 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!