Search criteria
716 vulnerabilities found for pdf_editor by foxit
CVE-2025-59803 (GCVE-0-2025-59803)
Vulnerability from nvd – Published: 2025-12-11 00:00 – Updated: 2025-12-11 15:45
VLAI?
Summary
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T15:43:03.230826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T15:45:25.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T15:29:04.346Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59803",
"datePublished": "2025-12-11T00:00:00.000Z",
"dateReserved": "2025-09-22T00:00:00.000Z",
"dateUpdated": "2025-12-11T15:45:25.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9330 (GCVE-0-2025-9330)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2025.1.0.27937
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:09.300324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:14.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2025.1.0.27937"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:26.662Z",
"datePublic": "2025-08-21T20:12:07.977Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:51.190Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-870",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-870/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Alexander Staalgaard"
},
"title": "Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9330",
"datePublished": "2025-09-02T20:09:51.190Z",
"dateReserved": "2025-08-21T19:50:26.628Z",
"dateUpdated": "2025-09-02T20:39:14.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9323 (GCVE-0-2025-9323)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2025.1.0.27937
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:29.926055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:34.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2025.1.0.27937"
}
]
}
],
"dateAssigned": "2025-08-21T19:49:59.256Z",
"datePublic": "2025-08-21T20:12:03.603Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:42.290Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-869",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-869/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "soiax"
},
"title": "Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9323",
"datePublished": "2025-09-02T20:09:42.290Z",
"dateReserved": "2025-08-21T19:49:59.210Z",
"dateUpdated": "2025-09-02T20:39:34.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9324 (GCVE-0-2025-9324)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:45.565832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:52.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:05.600Z",
"datePublic": "2025-08-21T20:11:59.487Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:34.797Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-868",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-868/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9324",
"datePublished": "2025-09-02T20:09:34.797Z",
"dateReserved": "2025-08-21T19:50:05.556Z",
"dateUpdated": "2025-09-02T20:39:52.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9325 (GCVE-0-2025-9325)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:41
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:41:26.692604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:41:31.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:09.194Z",
"datePublic": "2025-08-21T20:11:55.222Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:27.758Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-867",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-867/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9325",
"datePublished": "2025-09-02T20:09:27.758Z",
"dateReserved": "2025-08-21T19:50:09.146Z",
"dateUpdated": "2025-09-02T20:41:31.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9326 (GCVE-0-2025-9326)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:41
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:41:42.298511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:41:46.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:12.675Z",
"datePublic": "2025-08-21T20:11:50.753Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:20.028Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-866",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-866/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9326",
"datePublished": "2025-09-02T20:09:20.028Z",
"dateReserved": "2025-08-21T19:50:12.640Z",
"dateUpdated": "2025-09-02T20:41:46.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9327 (GCVE-0-2025-9327)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-03 14:30
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9327",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:30:04.137346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:30:11.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:16.213Z",
"datePublic": "2025-08-21T20:11:46.217Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:11.963Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-865",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-865/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9327",
"datePublished": "2025-09-02T20:09:11.963Z",
"dateReserved": "2025-08-21T19:50:16.171Z",
"dateUpdated": "2025-09-03T14:30:11.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9328 (GCVE-0-2025-9328)
Vulnerability from nvd – Published: 2025-09-02 20:09 – Updated: 2025-09-03 14:31
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:31:23.472244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:31:28.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:19.953Z",
"datePublic": "2025-08-21T20:11:41.466Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:04.564Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-864",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-864/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9328",
"datePublished": "2025-09-02T20:09:04.564Z",
"dateReserved": "2025-08-21T19:50:19.917Z",
"dateUpdated": "2025-09-03T14:31:28.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9329 (GCVE-0-2025-9329)
Vulnerability from nvd – Published: 2025-09-02 20:08 – Updated: 2025-09-03 14:32
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:32:38.272393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:32:43.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:23.006Z",
"datePublic": "2025-08-21T20:11:35.993Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:08:56.886Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-863",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-863/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9329",
"datePublished": "2025-09-02T20:08:56.886Z",
"dateReserved": "2025-08-21T19:50:22.974Z",
"dateUpdated": "2025-09-03T14:32:43.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-59803 (GCVE-0-2025-59803)
Vulnerability from cvelistv5 – Published: 2025-12-11 00:00 – Updated: 2025-12-11 15:45
VLAI?
Summary
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-59803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T15:43:03.230826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T15:45:25.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T15:29:04.346Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59803",
"datePublished": "2025-12-11T00:00:00.000Z",
"dateReserved": "2025-09-22T00:00:00.000Z",
"dateUpdated": "2025-12-11T15:45:25.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9330 (GCVE-0-2025-9330)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709.
Severity ?
7.8 (High)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2025.1.0.27937
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:09.300324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:14.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2025.1.0.27937"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:26.662Z",
"datePublic": "2025-08-21T20:12:07.977Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:51.190Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-870",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-870/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Alexander Staalgaard"
},
"title": "Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9330",
"datePublished": "2025-09-02T20:09:51.190Z",
"dateReserved": "2025-08-21T19:50:26.628Z",
"dateUpdated": "2025-09-02T20:39:14.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9323 (GCVE-0-2025-9323)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2025.1.0.27937
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:29.926055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:34.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2025.1.0.27937"
}
]
}
],
"dateAssigned": "2025-08-21T19:49:59.256Z",
"datePublic": "2025-08-21T20:12:03.603Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:42.290Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-869",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-869/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "soiax"
},
"title": "Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9323",
"datePublished": "2025-09-02T20:09:42.290Z",
"dateReserved": "2025-08-21T19:49:59.210Z",
"dateUpdated": "2025-09-02T20:39:34.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9324 (GCVE-0-2025-9324)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:39
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:39:45.565832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:39:52.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:05.600Z",
"datePublic": "2025-08-21T20:11:59.487Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:34.797Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-868",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-868/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9324",
"datePublished": "2025-09-02T20:09:34.797Z",
"dateReserved": "2025-08-21T19:50:05.556Z",
"dateUpdated": "2025-09-02T20:39:52.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9325 (GCVE-0-2025-9325)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:41
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:41:26.692604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:41:31.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:09.194Z",
"datePublic": "2025-08-21T20:11:55.222Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:27.758Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-867",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-867/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9325",
"datePublished": "2025-09-02T20:09:27.758Z",
"dateReserved": "2025-08-21T19:50:09.146Z",
"dateUpdated": "2025-09-02T20:41:31.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9326 (GCVE-0-2025-9326)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-02 20:41
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-02T20:41:42.298511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:41:46.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:12.675Z",
"datePublic": "2025-08-21T20:11:50.753Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:20.028Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-866",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-866/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9326",
"datePublished": "2025-09-02T20:09:20.028Z",
"dateReserved": "2025-08-21T19:50:12.640Z",
"dateUpdated": "2025-09-02T20:41:46.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9327 (GCVE-0-2025-9327)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-03 14:30
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9327",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:30:04.137346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:30:11.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:16.213Z",
"datePublic": "2025-08-21T20:11:46.217Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:11.963Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-865",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-865/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9327",
"datePublished": "2025-09-02T20:09:11.963Z",
"dateReserved": "2025-08-21T19:50:16.171Z",
"dateUpdated": "2025-09-03T14:30:11.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9328 (GCVE-0-2025-9328)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:09 – Updated: 2025-09-03 14:31
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:31:23.472244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:31:28.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:19.953Z",
"datePublic": "2025-08-21T20:11:41.466Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:09:04.564Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-864",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-864/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9328",
"datePublished": "2025-09-02T20:09:04.564Z",
"dateReserved": "2025-08-21T19:50:19.917Z",
"dateUpdated": "2025-09-03T14:31:28.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-9329 (GCVE-0-2025-9329)
Vulnerability from cvelistv5 – Published: 2025-09-02 20:08 – Updated: 2025-09-03 14:32
VLAI?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772.
Severity ?
7.8 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.4.0.27683
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T14:32:38.272393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T14:32:43.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.4.0.27683"
}
]
}
],
"dateAssigned": "2025-08-21T19:50:23.006Z",
"datePublic": "2025-08-21T20:11:35.993Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T20:08:56.886Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-863",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-863/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-9329",
"datePublished": "2025-09-02T20:08:56.886Z",
"dateReserved": "2025-08-21T19:50:22.974Z",
"dateUpdated": "2025-09-03T14:32:43.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12753 (GCVE-0-2024-12753)
Vulnerability from cvelistv5 – Published: 2024-12-30 20:14 – Updated: 2025-01-09 19:26
VLAI?
Summary
Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the product installer. By creating a junction, an attacker can abuse the installer process to create an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25408.
Severity ?
6.7 (Medium)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | PDF Reader |
Affected:
2024.2.3.25184
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12753",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T15:56:18.843559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T19:26:22.102Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.2.3.25184"
}
]
}
],
"dateAssigned": "2024-12-18T10:29:58.808-06:00",
"datePublic": "2024-12-30T12:15:18.999-06:00",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the product installer. By creating a junction, an attacker can abuse the installer process to create an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25408."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T20:14:13.391Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1739",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1739/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-12753",
"datePublished": "2024-12-30T20:14:13.391Z",
"dateReserved": "2024-12-18T16:29:58.802Z",
"dateUpdated": "2025-01-09T19:26:22.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2025-9330
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:52
Severity ?
Summary
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-870/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB827B5A-9957-43B2-A633-EF5442A2EF35",
"versionEndIncluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Foxit Reader Update Service. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Was ZDI-CAN-25709."
}
],
"id": "CVE-2025-9330",
"lastModified": "2025-09-08T13:52:46.100",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-09-02T21:15:35.703",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-870/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9329
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:51
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-863/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.66692 | |
| foxit | pdf_reader | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EDFD47-2811-431C-8535-91EE4090A9A8",
"versionEndIncluding": "13.1.7.63027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8785CCE-C44C-4908-9133-13A580D5BECB",
"versionEndIncluding": "2023.3.0.63083",
"versionStartIncluding": "2023.1.0.55583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF043D20-0E28-481C-8756-D1301FAE67D2",
"versionEndIncluding": "2024.4.1.66479",
"versionStartIncluding": "2024.1.0.63682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.66692:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FF839F-37E7-4AFA-85B1-FC98366B14E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6520861F-4458-4E63-AA62-CF3096AE0C41",
"versionEndIncluding": "2025.1.0.66692",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772."
}
],
"id": "CVE-2025-9329",
"lastModified": "2025-09-08T13:51:41.663",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-09-02T21:15:35.537",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-863/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9326
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:52
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-866/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.66692 | |
| foxit | pdf_reader | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EDFD47-2811-431C-8535-91EE4090A9A8",
"versionEndIncluding": "13.1.7.63027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8785CCE-C44C-4908-9133-13A580D5BECB",
"versionEndIncluding": "2023.3.0.63083",
"versionStartIncluding": "2023.1.0.55583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF043D20-0E28-481C-8756-D1301FAE67D2",
"versionEndIncluding": "2024.4.1.66479",
"versionStartIncluding": "2024.1.0.63682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.66692:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FF839F-37E7-4AFA-85B1-FC98366B14E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6520861F-4458-4E63-AA62-CF3096AE0C41",
"versionEndIncluding": "2025.1.0.66692",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784."
}
],
"id": "CVE-2025-9326",
"lastModified": "2025-09-08T13:52:16.540",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-09-02T21:15:35.047",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-866/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9327
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:51
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-865/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26774."
}
],
"id": "CVE-2025-9327",
"lastModified": "2025-09-08T13:51:51.967",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-02T21:15:35.217",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-865/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9328
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:52
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-864/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.66692 | |
| foxit | pdf_reader | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EDFD47-2811-431C-8535-91EE4090A9A8",
"versionEndIncluding": "13.1.7.63027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8785CCE-C44C-4908-9133-13A580D5BECB",
"versionEndIncluding": "2023.3.0.63083",
"versionStartIncluding": "2023.1.0.55583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF043D20-0E28-481C-8756-D1301FAE67D2",
"versionEndIncluding": "2024.4.1.66479",
"versionStartIncluding": "2024.1.0.63682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.66692:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FF839F-37E7-4AFA-85B1-FC98366B14E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6520861F-4458-4E63-AA62-CF3096AE0C41",
"versionEndIncluding": "2025.1.0.66692",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773."
}
],
"id": "CVE-2025-9328",
"lastModified": "2025-09-08T13:52:41.887",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-09-02T21:15:35.380",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-864/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9324
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:52
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-868/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.66692 | |
| foxit | pdf_reader | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EDFD47-2811-431C-8535-91EE4090A9A8",
"versionEndIncluding": "13.1.7.63027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8785CCE-C44C-4908-9133-13A580D5BECB",
"versionEndIncluding": "2023.3.0.63083",
"versionStartIncluding": "2023.1.0.55583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF043D20-0E28-481C-8756-D1301FAE67D2",
"versionEndIncluding": "2024.4.1.66479",
"versionStartIncluding": "2024.1.0.63682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.66692:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FF839F-37E7-4AFA-85B1-FC98366B14E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6520861F-4458-4E63-AA62-CF3096AE0C41",
"versionEndIncluding": "2025.1.0.66692",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802."
}
],
"id": "CVE-2025-9324",
"lastModified": "2025-09-08T13:52:30.743",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-02T21:15:34.703",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-868/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9323
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:51
Severity ?
Summary
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-869/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-27101."
}
],
"id": "CVE-2025-9323",
"lastModified": "2025-09-08T13:51:34.297",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-02T21:15:34.517",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-869/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-9325
Vulnerability from fkie_nvd - Published: 2025-09-02 21:15 - Updated: 2025-09-08 13:52
Severity ?
Summary
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-867/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.27937 | |
| foxit | pdf_reader | * | |
| microsoft | windows | - | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | 2025.1.0.66692 | |
| foxit | pdf_reader | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F900FF8A-7BFA-442E-BC8C-5A3717961DD5",
"versionEndIncluding": "13.1.7.23637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C06BC41-9831-4AE3-B10B-3FC313D01580",
"versionEndIncluding": "2024.4.1.27687",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.27937:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDC914F-B999-4233-8BEA-CA20B1F0D9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15A72A03-FFDA-4DCA-94C3-F154610F2A66",
"versionEndExcluding": "2025.1.0.27937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EDFD47-2811-431C-8535-91EE4090A9A8",
"versionEndIncluding": "13.1.7.63027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8785CCE-C44C-4908-9133-13A580D5BECB",
"versionEndIncluding": "2023.3.0.63083",
"versionStartIncluding": "2023.1.0.55583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF043D20-0E28-481C-8756-D1301FAE67D2",
"versionEndIncluding": "2024.4.1.66479",
"versionStartIncluding": "2024.1.0.63682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:2025.1.0.66692:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FF839F-37E7-4AFA-85B1-FC98366B14E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6520861F-4458-4E63-AA62-CF3096AE0C41",
"versionEndIncluding": "2025.1.0.66692",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785."
}
],
"id": "CVE-2025-9325",
"lastModified": "2025-09-08T13:52:37.100",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-02T21:15:34.880",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-867/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-12751
Vulnerability from fkie_nvd - Published: 2024-12-30 21:15 - Updated: 2025-08-08 17:49
Severity ?
Summary
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25344.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-1737/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "339F5AB9-C652-4A78-93F7-24C818B31210",
"versionEndIncluding": "11.2.11.54113",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AAB07B-8E4C-4D8B-B99E-929D789026F8",
"versionEndIncluding": "12.1.8.15703",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE219D6-B78F-4FA2-993B-3DBD0E80D447",
"versionEndIncluding": "13.1.4.23147",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFFDB2E-83D5-46FE-A680-E1E4272C390A",
"versionEndIncluding": "2024.3.0.26795",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF8FD69-3FF3-4432-B157-D2588B0C3E53",
"versionEndIncluding": "2024.3.0.26795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25344."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto por lectura fuera de los l\u00edmites en AcroForm de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en la gesti\u00f3n de AcroForms. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-25344."
}
],
"id": "CVE-2024-12751",
"lastModified": "2025-08-08T17:49:21.987",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-12-30T21:15:06.130",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1737/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-12753
Vulnerability from fkie_nvd - Published: 2024-12-30 21:15 - Updated: 2025-08-08 17:48
Severity ?
Summary
Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the product installer. By creating a junction, an attacker can abuse the installer process to create an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25408.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-1739/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "339F5AB9-C652-4A78-93F7-24C818B31210",
"versionEndIncluding": "11.2.11.54113",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AAB07B-8E4C-4D8B-B99E-929D789026F8",
"versionEndIncluding": "12.1.8.15703",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE219D6-B78F-4FA2-993B-3DBD0E80D447",
"versionEndIncluding": "13.1.4.23147",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFFDB2E-83D5-46FE-A680-E1E4272C390A",
"versionEndIncluding": "2024.3.0.26795",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF8FD69-3FF3-4432-B157-D2588B0C3E53",
"versionEndIncluding": "2024.3.0.26795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the product installer. By creating a junction, an attacker can abuse the installer process to create an arbitrary file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25408."
},
{
"lang": "es",
"value": "Vulnerabilidad de escalada de privilegios locales en Foxit PDF Reader que sigue un enlace. Esta vulnerabilidad permite a los atacantes locales escalar privilegios en las instalaciones afectadas de Foxit PDF Reader. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con poco nivel de privilegios en el sistema de destino para explotar esta vulnerabilidad. La falla espec\u00edfica existe dentro del instalador del producto. Al crear una uni\u00f3n, un atacante puede abusar del proceso de instalaci\u00f3n para crear un archivo arbitrario. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM. Era ZDI-CAN-25408."
}
],
"id": "CVE-2024-12753",
"lastModified": "2025-08-08T17:48:05.563",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-30T21:15:06.400",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1739/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-12752
Vulnerability from fkie_nvd - Published: 2024-12-30 21:15 - Updated: 2025-08-08 17:48
Severity ?
Summary
Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25345.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.foxit.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-1738/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_editor | * | |
| foxit | pdf_reader | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "339F5AB9-C652-4A78-93F7-24C818B31210",
"versionEndIncluding": "11.2.11.54113",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AAB07B-8E4C-4D8B-B99E-929D789026F8",
"versionEndIncluding": "12.1.8.15703",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE219D6-B78F-4FA2-993B-3DBD0E80D447",
"versionEndIncluding": "13.1.4.23147",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64",
"versionEndIncluding": "2023.3.0.23028",
"versionStartIncluding": "2023.1.0.15510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFFDB2E-83D5-46FE-A680-E1E4272C390A",
"versionEndIncluding": "2024.3.0.26795",
"versionStartIncluding": "2024.1.0.23997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF8FD69-3FF3-4432-B157-D2588B0C3E53",
"versionEndIncluding": "2024.3.0.26795",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25345."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en AcroForm de Foxit PDF Reader. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Foxit PDF Reader. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en la gesti\u00f3n de AcroForms. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-25345."
}
],
"id": "CVE-2024-12752",
"lastModified": "2025-08-08T17:48:43.627",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2024-12-30T21:15:06.260",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1738/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}