2024 Foxit pdf reader vulnerability

Foxit pdf reader vulnerability

Author: cnvx

August undefined, 2024

WebApr 24, 2024 · The new Foxit PDF Reader update also resolves five security vulnerabilities discovered by Cisco Talos security researchers, which could be exploited for code execution. The first of them, CVE-2024-14458, is a use-after-free in the JavaScript engine of the application. When a document is closed, embedded JavaScript code … WebDec 9, 2024 · A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this …

Foxit PDF Reader < 12.1 Vulnerability Tenable®

WebOct 1, 2024 · TALOS-2024-0631 / CVE-2024-3966 is a use-after-free vulnerability found in the JavaScript engine of Foxit PDF Reader which can be abused to execute arbitrary … WebMay 9, 2024 · Description. According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 11.2.2. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 … small ceramic pitcher nf

FoxIt Patches Code Execution Flaws in PDF Tools

WebJan 16, 2024 · An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger ... WebApr 22, 2024 · To exploit the RCE vulnerability in Foxit Reader, the attacker must trick the victim into actively opening a malicious PDF file. Several vulnerabilities can be exploited. There are two vulnerabilities ( CVE-2024-10899, CVE-2024-10907 ) in the processing of XFA templates. These are templates embedded in PDF files that allow fillable fields. WebMar 31, 2024 · Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2024-25115) 2024-03-31T00:00:00 Description Foxit PDF Reader is a PDF reader from Foxit, a Chinese … somersworth nh middle school

NVD - CVE-2024-41783

WebJul 28, 2024 · July 28, 2024. Foxit Software this week released security updates for its PDF Reader and PDF Editor applications, to address multiple vulnerabilities, including some leading to remote code execution. Three of the vulnerabilities addressed by Foxit were identified by Cisco Talos researchers, all three leading to arbitrary code execution. WebApr 19, 2024 · Overview Talos is disclosing five vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular free program for viewing, creating, and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin available. Update to the current version of small ceramic mermaids for craftsWebMay 31, 2024 · The vulnerability has been verified to exist in Foxit PDF Reader 11.2.2.53575, which was the most recent version at the time the advisory was written. The vulnerability was also verified in older Foxit PDF Reader versions. somersworth nh school calendar

"WebDescription. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. " - Foxit pdf reader vulnerability

Foxit pdf reader vulnerability

Foxit PDF Reader < 11.2.2 Multiple Vulnerabilities

WebThis time, we found a use-after-free vulnerability and several other crashes in Foxit PDF Reader during fuzz testing. We were able to successfully exploit this vulnerability to gain Remote Code Execution in the context of Foxit PDF Reader. Zero Day Initiative (ZDI) purchased this exploit, despite it being a bug collision. WebBy the Year. In 2024 there have been 2 vulnerabilities in Foxit Pdf Reader with an average score of 7.2 out of ten. Last year Pdf Reader had 7 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 0.61.

Did you know?

WebMay 10, 2024 · A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can … WebMay 10, 2024 · Foxit Software, the US and China-based PDF software developer, has recently released security updates to fix a high severity Remote Code Execution (RCE) vulnerability affecting the PDF reader. Foxit, who claims to have more than 560 million users located in more than 200 countries, announced that this security flaw could let …

WebNov 9, 2024 · A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document …

WebIn Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. WebDescription. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit …

WebJan 18, 2024 · According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 12.1. It is, therefore affected by vulnerability: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

WebAccording to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 11.2.1. It is, therefore affected by multiple vulnerabilities: - Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap ... small ceramic housesWebFoxit Reader is a free PDF document viewer and creator with a rich feature set. Whether you're a consumer, employment, government agency, or educational organization, her … somersworth nh planning boardWebThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. somersworth nh parking banWebA type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this ... somersworth nh property tax cardsWebDec 19, 2024 · Description. MCNC would like to make you aware of a CRITICAL vulnerability affecting Foxit PDF software on Windows OS. Currently there is no associated CVE. While there is no indication that this is actively being used in the wild, please consider prioritization of upgrading instances of Foxit in your environment. As a … small ceramic light up christmas treeWebNational Vulnerability Database NVD. Vulnerabilities; CVE-2024-41783 Detail Description . Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. somersworth nh ordinanceWebOct 12, 2024 · Description. According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 11.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. small ceramic heaters uk