KLA51719
Multiple vulnerabilities in Foxit PDF Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Out of bounds read vulnerability in AcroForm can be exploited to obtain sensitive information.
2. Use after free vulnerability in JavaScript engine can be exploited to cause denial of service or execute arbitrary code.
3. Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
4. Type confusion vulnerability in Javascript checkThisBox method can be exploited to cause denial of service and execute arbitrary code.
5. Use after free vulnerability in AcroForm Doc Object can be exploited to execute arbitrary code.
6. Out of bounds read vulnerability in AcroForm signature can be exploited to execute arbitrary code.
7. Out of bounds read vulnerability in PDF File Parsing can be exploited to obtain sensitive information.
8. Out of bounds write vulnerability in AcroForm Doc Object can be exploited to execute arbitrary code.
9. Use after free vulnerability in Annotation can be exploited to obtain sensitive information.
10. Use after free vulnerability in XFA Annotation can be exploited to execute arbitrary code.
11. Out of bounds read vulnerability in Doc Object can be exploited to obtain sensitive information.
12. Out of bounds read vulnerability in AcroForm Doc Object can be exploited to obtain sensitive information.

Foxit PDF Reader earlier than 12.1.3.15356

Update to the latest version
Download Foxit Reader