Multiple vulnerabilities in Foxit PDF Reader

Описание

Multiple vulnerabilities were found in Foxit PDF Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Code execution vulnerability can be exploited remotely to execute arbitrary code.
2. Use after free vulnerability in Annotation can be exploited to obtain sensitive information.
3. Out of bounds read vulnerability in AcroForm can be exploited to obtain sensitive information.
4. Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
5. Use after free vulnerability in templates can be exploited to obtain sensitive information.
6. Use after free vulnerability in PDF File Parsing can be exploited to execute arbitrary code.
7. Out of bounds read vulnerability in XFA Doc Object can be exploited to obtain sensitive information.
8. Use after free vulnerability in XFA Doc Object can be exploited to execute arbitrary code.
9. Use after free vulnerability in Doc Object can be exploited to execute arbitrary code.

Первичный источник обнаружения

• Security updates available in Foxit PDF Reader 2023.2 and Foxit PDF Editor 2023.2
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Foxit-Reader
• Foxit-Reader-Enterprise

Список CVE

• CVE-2023-39542
  critical
• CVE-2023-42093
  warning
• CVE-2023-42095
  warning
• CVE-2023-42094
  critical
• CVE-2023-42089
  critical
• CVE-2023-42096
  critical
• CVE-2023-42090
  high
• CVE-2023-42097
  critical
• CVE-2023-42098
  warning
• CVE-2023-42091
  critical
• CVE-2023-42092
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com