Multiple vulnerabilities in Foxit Reader

Описание

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
2. Out of Bounds Read or Use After Free vulnerability in memory access to cause denial of service, execute arbitrary code or obtain sensitive information.
3. Type Confusion vulnerability in the V8 JavaScript Engine can be exploited to cause denial of service.
4. Out of Bounds Read vulnerability can be exploited to cause denial of service.
5. Use After Free vulnerability can be exploited to cause denial of service and execute arbitrary code.

Первичный источник обнаружения

• Security updates available in Foxit PDF Reader 11.2.1 and Foxit PDF Editor 11.2.2
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Foxit-Reader
• Foxit-Reader-Enterprise

Список CVE

• CVE-2022-25641
  high
• CVE-2022-28679
  critical
• CVE-2022-28671
  critical
• CVE-2022-30557
  critical
• CVE-2022-28669
  critical
• CVE-2022-28676
  critical
• CVE-2022-28682
  critical
• CVE-2022-28674
  critical
• CVE-2022-28673
  critical
• CVE-2022-28681
  high
• CVE-2022-28683
  critical
• CVE-2022-28672
  critical
• CVE-2022-28677
  critical
• CVE-2022-28675
  critical
• CVE-2022-28678
  critical
• CVE-2022-28670
  critical
• CVE-2022-28680
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com