Описание
Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service.
Below is a complete list of vulnerabilities:
- Out of bounds read vulnerability can be exploited remotely to execute arbitrary code and obtain sensitive information.
- Use after free vulnerability can be exploited remotely to execute arbitrary code.
- Code execution vulnerability in Doc object can be exploited remotely to execute arbitrary code.
- Type confusion vulnerability can be exploited to cause denial of service and execute arbitrary code.
- Use after free vulnerability in AcroForm Doc can be exploited remotely to execute arbitrary code.
- Type confusion vulnerability in Annotation can be exploited to cause denial of service.
- Out of bounds read vulnerability in Doc can be exploited remotely to obtain sensitive information.
- Out of bounds read vulnerability in File Parser can be exploited remotely to obtain sensitive information.
- Use after free vulnerability in AcroForm Signature can be exploited remotely to execute arbitrary code.
- Out of bounds read vulnerability in combobox can be exploited remotely to obtain sensitive information.
- Use after free vulnerability in Signature can be exploited remotely to execute arbitrary code.
- Out of bounds read vulnerability in AcroForm Doc can be exploited remotely to obtain sensitive information.
- Out of bounds read vulnerability in Bookmark can be exploited remotely to obtain sensitive information.
- Out of bounds read vulnerability in AcroForm out-of-bounds can be exploited remotely to obtain sensitive information.
- Use after free vulnerability in AcroForm Doc Object can be exploited remotely to execute arbitrary code.
Первичный источник обнаружения
Эксплуатация
Public exploits exist for this vulnerability.
Связанные продукты
Список CVE
- CVE-2023-41257 critical
- CVE-2023-32616 critical
- CVE-2023-35985 critical
- CVE-2023-40194 critical
- CVE-2023-38573 critical
- CVE-2023-51556 unknown
- CVE-2023-51560 unknown
- CVE-2023-51555 unknown
- CVE-2023-51561 unknown
- CVE-2023-51552 unknown
- CVE-2023-51550 unknown
- CVE-2023-51554 unknown
- CVE-2023-51557 unknown
- CVE-2023-51558 unknown
- CVE-2023-51553 unknown
- CVE-2023-51562 unknown
- CVE-2023-51551 unknown
- CVE-2023-51549 unknown
- CVE-2023-51559 unknown
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!