Multiple vulnerabilities in Foxit PDF Reader and Editor for Windows



| Updated: 2024-10-21
Risk High
Patch available YES
Number of vulnerabilities 22
CVE-ID CVE-2024-9255
CVE-2024-41605
CVE-2024-9248
CVE-2024-9249
CVE-2024-9247
CVE-2024-38393
CVE-2024-9244
CVE-2024-9245
CVE-2024-9256
CVE-2024-9254
CVE-2024-28888
CVE-2024-9251
CVE-2024-9253
CVE-2024-9252
CVE-2024-9250
CVE-2024-9246
CVE-2024-9243
CVE-2024-7725
CVE-2024-7724
CVE-2024-7723
CVE-2024-7722
CWE-ID CWE-416
CWE-354
CWE-787
CWE-426
CWE-476
Exploitation vector Network
Public exploit N/A
Vulnerable software
Foxit PDF Reader for Windows
Client/Desktop applications / Office applications

Foxit PDF Editor (formerly Foxit PhantomPDF)
Client/Desktop applications / Office applications

Vendor Foxit Software Inc.

Security Bulletin

This security bulletin contains information about 22 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU97887

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9255

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1308/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper validation of integrity check value

EUVDB-ID: #VU97899

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-41605

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the application fails to validate the integrity of the updater when running the update service. A local user can replace the update file with a malicious one and execute arbitrary code with elevated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds write

EUVDB-ID: #VU97894

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9248

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted PDF file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1302/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds write

EUVDB-ID: #VU97893

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9249

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted PDF file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1301/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds write

EUVDB-ID: #VU97892

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9247

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can create a specially crafted PDF file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1300/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Untrusted search path

EUVDB-ID: #VU97891

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38393

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path when performing an update or installing a plugin. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Untrusted search path

EUVDB-ID: #VU97890

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9244

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path when performing an update or installing a plugin. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1298/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Untrusted search path

EUVDB-ID: #VU97889

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9245

CWE-ID: CWE-426 - Untrusted Search Path

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path when performing an update or installing a plugin. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1297/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU97888

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9256

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1309/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU97886

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9254

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1307/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU97878

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-28888

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1967


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU97885

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9251

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1306/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU97884

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9253

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1305/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU97883

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9252

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1304/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU97882

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9250

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1303/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU97881

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9246

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1299/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU97880

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-9243

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html
http://www.zerodayinitiative.com/advisories/ZDI-24-1296/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU97898

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-7725

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 12.1.7.15526

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU97897

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-7724

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 12.1.7.15526

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU97896

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-7723

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 12.1.7.15526

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU97895

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-7722

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted PDF file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 12.1.7.15526

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) NULL pointer dereference

EUVDB-ID: #VU97900

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when handling PDF files. A remote attacker can trick the victim into opening a specially crafted file and crash the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 11.0.0.49893 - 2024.2.3.25184

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 2024.2.3.64402

CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###