CVSS: 10.0EPSS: 4%CPEs: 3EXPL: 0CVE-2024-28888
https://notcve.org/view.php?id=CVE-2024-28888
02 Oct 2024 — A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1967 • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41605
https://notcve.org/view.php?id=CVE-2024-41605
26 Sep 2024 — An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute arbitrary code via the FoxitPDFReaderUpdater.exe component In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a Trojan horse via side loading, because the update service lacks integrity validation for the updater. Attacker-controlled code may thus be executed. • https://www.foxit.com/support/security-bulletins.html • CWE-284: Improper Access Control •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29072
https://notcve.org/view.php?id=CVE-2024-29072
28 May 2024 — A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege. Existe una vulnerabilidad de escalada de privilegios en Foxit Reader 2024.2.0.25138. La vulnerabilidad se produce debido a una validación de certificación inadecuada del ejecutable del actualizador antes de ejecut... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989 • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25648
https://notcve.org/view.php?id=CVE-2024-25648
30 Apr 2024 — A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25575
https://notcve.org/view.php?id=CVE-2024-25575
30 Apr 2024 — A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabl... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1963 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39542
https://notcve.org/view.php?id=CVE-2023-39542
27 Nov 2023 — A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Existe una vulnerabilidad de ejecución de código en la API saveAs de Javascript de Fo... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1832 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-40194
https://notcve.org/view.php?id=CVE-2023-40194
27 Nov 2023 — An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Exis... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1833 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 3CVE-2023-35985
https://notcve.org/view.php?id=CVE-2023-35985
27 Nov 2023 — An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is... • https://github.com/SpiralBL0CK/-CVE-2023-35985 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32616
https://notcve.org/view.php?id=CVE-2023-32616
27 Nov 2023 — A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enab... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1837 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41257
https://notcve.org/view.php?id=CVE-2023-41257
27 Nov 2023 — A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Exi... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1838 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •