CVE-2024-30340 Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability

🗓️ 02 Apr 2024 20:11:42Reported by zdiType

Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects.

Reporter	Title	Published	Views	Family All 15
CNNVD	Foxit PDF Reader 安全漏洞	2 Apr 202400:00	–	cnnvd
CVE	CVE-2024-30340	2 Apr 202420:11	–	cve
EUVD	EUVD-2024-28261	3 Oct 202520:07	–	euvd
Tenable Nessus	Foxit PDF Editor < 11.2.9 Multiple Vulnerabilities	28 Apr 202400:00	–	nessus
Tenable Nessus	Foxit PDF Editor < 12.1.5 Multiple Vulnerabilities	28 Apr 202400:00	–	nessus
Tenable Nessus	Foxit PDF Editor < 13.1 Multiple Vulnerabilities	28 Apr 202400:00	–	nessus
Tenable Nessus	Foxit PDF Editor < 2024.1 Multiple Vulnerabilities	5 Mar 202400:00	–	nessus
Tenable Nessus	Foxit PDF Reader < 2024.1 Multiple Vulnerabilities	5 Mar 202400:00	–	nessus
Kaspersky	KLA64774 Multiple vulnerabilities in Foxit PDF Reader	5 Mar 202400:00	–	kaspersky
NVD	CVE-2024-30340	2 Apr 202420:15	–	nvd

[
  {
    "vendor": "Foxit",
    "product": "PDF Reader",
    "versions": [
      {
        "version": "2023.3.0.23028",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-321/
foxit	www.foxit.com/support/security-bulletins.html

02 Apr 2024 20:11Current

5.4Medium risk

Vulners AI Score5.4

CVSS 33.3

EPSS0.00474

CWE-125