Risk | High |
Patch available | YES |
Number of vulnerabilities | 19 |
CVE-ID | CVE-2022-25641 CVE-2022-30557 CVE-2022-28669 CVE-2022-28670 CVE-2022-28672 CVE-2022-28671 CVE-2022-28673 CVE-2022-28674 CVE-2022-28675 CVE-2022-28676 CVE-2022-28677 CVE-2022-28678 CVE-2022-28679 CVE-2022-28681 CVE-2022-28682 CVE-2022-28683 CVE-2022-28680 |
CWE-ID | CWE-476 CWE-125 CWE-347 CWE-843 CWE-416 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #7 is available. |
Vulnerable software Subscribe |
Foxit PDF Reader for Windows Client/Desktop applications / Office applications Foxit PDF Editor (formerly Foxit PhantomPDF) Client/Desktop applications / Office applications |
Vendor | Foxit Software Inc. |
Security Bulletin
This security bulletin contains information about 19 vulnerabilities.
Updated: 13.05.2022
Added vulnerabilities #5-19.
EUVDB-ID: #VU62886
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when executing JavaScripts in certain PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62887
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to crash the application.
The vulnerability exists due to a boundary condition when handling certain encrypted PDFs with abnormal encryption dictionary.. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62885
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25641
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to a parsing error when handling signatures in PDF files. A remote attacker can perform Incremental Saving Attack and Shadow Attack and deliver incorrect signature information when handling certain signed PDF files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU62888
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-30557
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper compiling for an Unsigned32 result in the V8 JavaScript Engine. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63155
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28669
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-760/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63154
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28670
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the processing of AcroForms. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-761/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63150
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-28672
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-763/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU63152
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28671
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-762/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63149
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28673
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-764/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63146
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28674
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Annotation objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-765/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63144
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28675
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Annotation objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-766/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63143
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28676
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-767/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63142
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28677
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Annotation objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.2.53575
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-768/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63141
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28678
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Doc objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-769/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63139
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28679
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Annotation objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-770/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63137
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28681
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the deletePages method when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-772/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63135
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28682
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary condition within the handling of Doc objects. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and execute arbitrary code on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-773/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63133
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28683
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the deletePages method when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-774/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63138
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28680
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within the handling of Annotation objects when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.2.1.53537
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.2.1.53537
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-22-771/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.