CVE-2025-32451

A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

Foxit Reader 缓冲区错误漏洞

Foxit PDF Reader is a Chinese Foxit Foxit company's a PDF document reader. Foxit PDF Reader suffers from a buffer overflow vulnerability that originates from an uninitialized pointer, which can be exploited by an attacker to obtain system privileges and modify the system configuration by executin...

KLA86658 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Denial of service...

PT-2025-32988 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2025.1.0.27937 Description: A memory corruption issue exists due to the use of an uninitialized pointer. A specially crafted Javascript code within a malicious PDF document can trigger this issue, potentially leading to...

Foxit Reader Signature Uninitialized Pointer Vulnerability

Talos Vulnerability Report TALOS-2025-2202 Foxit Reader Signature Uninitialized Pointer Vulnerability August 13, 2025 CVE Number CVE-2025-32451 SUMMARY A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascrip...

Foxit Reader Plugin Buffer Overflow Vulnerability

Foxit Reader Plugin is a U.S. Foxit company's PDF reading plug-ins. A buffer overflow vulnerability exists in Foxit Reader Plugin version 2.2.1.530, which stems from incorrect handling of URL query strings and can be exploited by an attacker to cause a buffer overflow and arbitrary code execution...

CVE-2013-10068

Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer, allowing remote...

CVE-2013-10068

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer,...

CVE-2013-10068

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer,...

CVE-2013-10068

Foxit Reader Plugin (npFoxitReaderPlugin.dll) in Foxit Reader 5.4.4.11281 bundle includes a stack-based buffer overflow in version 2.2.1.530 when processing a remote PDF URL with an overly long query string, enabling arbitrary code execution. Affected component: Foxit Reader Plugin URL processing...

CVE-2013-10068 Foxit Reader <= 5.4.5.0114 Plugin URL Processing Buffer Overflow

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer,...

CVE-2013-10068 Foxit Reader <= 5.4.5.0114 Plugin URL Processing Buffer Overflow

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer,...

Foxit Reader Plugin 安全漏洞

Foxit Reader Plugin is a U.S. Foxit company's PDF reading plug-ins. A buffer overflow vulnerability exists in Foxit Reader Plugin version 2.2.1.530, which stems from incorrect handling of URL query strings and can be exploited by an attacker to cause a buffer overflow and arbitrary code execution...

PT-2025-31992

Name of the Vulnerable Software and Affected Versions Foxit Reader versions 5.4.4.11281 Foxit Reader Plugin version 2.2.1.530 Description The Foxit Reader Plugin version 2.2.1.530, included with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow in the npFoxitReaderPlugin.dll module...

PT-2025-34322

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: The Foxit PDF Reader Update Service contains a local privilege escalation issue due to an uncontrolled search path element. This allows for potential exploitation by a local...

CVE-2023-39542

A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerabilit...

CVE-2023-41257

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...

CVE-2023-32616

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

CVE-2023-32664

A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to...

CVE-2023-38573

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...