3 matches found
CVE-2023-33876
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. ...
Foxit PDF Editor < 11.2.7 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 11.2.7. It is, therefore affected by multiple vulnerabilities: - A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF...
CVE-2023-33876
CVE-2023-33876 describes a use-after-free in Foxit Reader 12.1.2.15332 where destroying annotations can reuse a freed object, leading to memory corruption and arbitrary code execution. Exploitation requires a user to open a malicious PDF or visit a crafted site if the browser plugin is enabled. C...