Multiple vulnerabilities in Foxit PDF Reader and Editor



Published: 2022-11-08 | Updated: 2022-12-27
Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2022-32774
CVE-2022-38097
CVE-2022-37332
CVE-2022-40129
CVE-2022-43640
CVE-2022-43641
CVE-2022-43639
CVE-2022-43638
CVE-2022-43637
CWE-ID CWE-416
CWE-125
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Foxit PDF Reader for Windows
Client/Desktop applications / Office applications

Foxit PDF Editor (formerly Foxit PhantomPDF)
Client/Desktop applications / Office applications

Vendor Foxit Software Inc.

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU69109

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32774

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling JavaScripts in PDF files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.1.12430

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.1.12430

External links

http://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+PDF+Reader+12.0.2+and+Foxit+PDF+Editor+12.0.22022-11-07+00%3A00%3A00
http://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1600


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU69110

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38097

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling JavaScripts in PDF files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.1.12430

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.1.12430

External links

http://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+PDF+Reader+12.0.2+and+Foxit+PDF+Editor+12.0.22022-11-07+00%3A00%3A00
http://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1601


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU69111

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-37332

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling JavaScripts in PDF files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.1.12430

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.1.12430

External links

http://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+PDF+Reader+12.0.2+and+Foxit+PDF+Editor+12.0.22022-11-07+00%3A00%3A00
http://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1602


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU69112

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-40129

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling JavaScripts in PDF files. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.1.12430

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.1.12430

External links

http://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+PDF+Reader+12.0.2+and+Foxit+PDF+Editor+12.0.22022-11-07+00%3A00%3A00
http://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1614


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU69553

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43640

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.2.1028

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.2.1028

External links

http://www.foxit.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1660/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU69549

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43641

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when parsing U3D files. A remote attacker can trick the victim into opening a specially crafted U3D file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.2.1028

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.2.1028

External links

http://www.foxit.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1661/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free

EUVDB-ID: #VU69550

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43639

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when parsing U3D files. A remote attacker can trick the victim into opening a specially crafted U3D file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.2.1028

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.2.1028

External links

http://www.foxit.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1659/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU69551

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43638

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when parsing U3D files. A remote attacker can trick the victim into opening a specially crafted U3D file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.2.1028

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.2.1028

External links

http://www.foxit.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1658/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU69552

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43637

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when parsing U3D files. A remote attacker can trick the victim into opening a specially crafted U3D file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 12.0.2.1028

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 12.0.2.1028

External links

http://www.foxit.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-22-1657/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###