The vulnerability of the CBF_Widget object handler in the PDF electronic document viewing software Foxit PDF Reader (formerly Foxit Reader) allows a perpetrator to execute arbitrary code.

The vulnerability of the CBFWidget object handler in the PDF document viewing software Foxit PDF Reader formerly Foxit Reader is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user opens a special...

CVE-2024-49576

Foxit Reader 2024.3.0.26795 contains a use-after-free in handling the checkbox CBF_Widget object. A crafted PDF with JavaScript can trigger memory corruption and arbitrary code execution. Exploitation requires user interaction (opening the malicious file or visiting a malicious site if the browse...

PT-2024-9691 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.3.0.26795 Description: A use-after-free vulnerability exists in the way Foxit Reader handles a checkbox CBF Widget object. This vulnerability can be triggered by a specially crafted Javascript code inside a malicious...