Kaspersky ID:
KLA60004
Дата обнаружения:
12/09/2023
Обновлено:
06/03/2024

Описание

Multiple vulnerabilities were found in Foxit PDF Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Code execution vulnerability can be exploited remotely to execute arbitrary code.
  2. Use after free vulnerability in Annotation can be exploited to obtain sensitive information.
  3. Out of bounds read vulnerability in AcroForm can be exploited to obtain sensitive information.
  4. Use after free vulnerability in Annotation can be exploited to execute arbitrary code.
  5. Use after free vulnerability in templates can be exploited to obtain sensitive information.
  6. Use after free vulnerability in PDF File Parsing can be exploited to execute arbitrary code.
  7. Out of bounds read vulnerability in XFA Doc Object can be exploited to obtain sensitive information.
  8. Use after free vulnerability in XFA Doc Object can be exploited to execute arbitrary code.
  9. Use after free vulnerability in Doc Object can be exploited to execute arbitrary code.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

Список CVE

  • CVE-2023-39542
    critical
  • CVE-2023-42093
    unknown
  • CVE-2023-42095
    unknown
  • CVE-2023-42094
    unknown
  • CVE-2023-42089
    unknown
  • CVE-2023-42096
    unknown
  • CVE-2023-42090
    unknown
  • CVE-2023-42097
    unknown
  • CVE-2023-42098
    unknown
  • CVE-2023-42091
    unknown
  • CVE-2023-42092
    unknown

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Узнай больше об угрозах и векторах атаки на Энциклопедии Kaspersky
Бесплатно
Читать
Kaspersky Premium
Комплексное решение для защиты вашей цифровой жизни
Премиум
Скачать
Confirm changes?
Your message has been sent successfully.