Description
Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
- Denial of service vulnerability can be exploited remotely to cause denial of service.
- Out-Of-Bounds Read vulnerability in JP2 File Parsing can be exploited remotely to bypass security restrictions and obtain sensitive information
- Out-Of-Bounds Read vulnerability in PRC File Parsing can be exploited remotely to execute arbitrary code
- Out-Of-Bounds Read vulnerability in PRC File Parsing can be exploited remotely to bypass security restrictions and obtain sensitive information
- An elevation of privilege vulnerability in Foxit PDF Reader Update Service can be exploited remotely to gain privileges.
- Out-Of-Bounds Read vulnerability when executing JavaScripts embedded in certain PDF files can be exploited remotely to obtain sensitive information.
- Use After Free vulnerability when executing JavaScripts embedded in certain PDF files can be exploited remotely to execute arbitrary code.
- Improper Verification of Cryptographic Signature vulnerability in handling signed document that contain JavaScript can be exploited remotely to bypass security restrictions.
- Use After Free vulnerability when executing JavaScripts embedded in certain PDF files can be exploited remotely to obtain sensitive information.
- Download of Code Without Integrity Check vulnerability in Start Page can be exploited remotely to obtain sensitive information.
- NULL Pointer Dereference vulnerability when executing JavaScripts embedded in certain PDF files can be exploited remotely to execute arbitrary code.
- Out-of-bounds Read vulnerability when executing JavaScripts embedded in certain PDF files can be exploited remotely to execute arbitrary code.
Fiches de renseignement originales
Exploitation
Public exploits exist for this vulnerability.
Produits associés
Liste CVE
- CVE-2025-32451 critical
- CVE-2025-9323 high
- CVE-2025-9324 high
- CVE-2025-9325 high
- CVE-2025-9326 critical
- CVE-2025-9327 high
- CVE-2025-9328 critical
- CVE-2025-9329 critical
- CVE-2025-9330 critical
- CVE-2025-55307 warning
- CVE-2025-55314 critical
- CVE-2025-55311 high
- CVE-2025-55308 high
- CVE-2025-55310 high
- CVE-2025-55313 critical
- CVE-2025-55312 critical
- CVE-2025-55309 high
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !