WID-SEC-W-2024-0552
Vulnerability from csaf_certbund
Published
2024-03-04 23:00
Modified
2024-04-28 22:00
Summary
Foxit Reader: Multiple vulnerabilities
Notes
As the provider, the BSI is responsible under general law for its own content made available for use. Users are, however, responsible for carefully checking, in each individual case, the use and/or implementation of the information provided with the content.
Product description
Foxit Reader is a PDF reader.
Foxit PDF Editor is a tool for editing PDF files.
Attack
A remote, anonymous attacker can exploit multiple vulnerabilities in Foxit Reader and Foxit PDF Editor to escalate privileges, execute code, disclose information, or cause a denial of service.
Affected operating systems
- MacOS X
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Foxit Reader ist ein PDF Reader.\r\nFoxit PDF Editor ist ein Tool zur Bearbeitung von PDF-Dateien.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Foxit Reader und Foxit PDF Editor ausnutzen, um seine Privilegien zu erh\u00f6hen, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- MacOS X\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0552 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0552.json" }, { "category": "self", "summary": "WID-SEC-2024-0552 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0552" }, { "category": "external", "summary": "Foxit Security Bulletins vom 2024-03-04", "url": "https://www.foxit.com/support/security-bulletins.html" }, { "category": "external", "summary": "Foxit Security Bulletins vom 2024-04-28", "url": "https://www.foxit.com/support/security-bulletins.html" } ], 
"source_lang": "en-US", "title": "Foxit Reader: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-04-28T22:00:00.000+00:00", "generator": { "date": "2024-04-29T08:04:43.514+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0552", "initial_release_date": "2024-03-04T23:00:00.000+00:00", "revision_history": [ { "date": "2024-03-04T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-03-05T23:00:00.000+00:00", "number": "2", "summary": "CVE erg\u00e4nzt" }, { "date": "2024-04-02T22:00:00.000+00:00", "number": "3", "summary": "CVE-2024-30371 erg\u00e4nzt" }, { "date": "2024-04-14T22:00:00.000+00:00", "number": "4", "summary": "CVE erg\u00e4nzt" }, { "date": "2024-04-28T22:00:00.000+00:00", "number": "5", "summary": "Weitere Updates und CVE Nummern von Foxit aufgenommen" } ], "status": "final", "version": "5" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c2024.1", "product": { "name": "Foxit PDF Editor \u003c2024.1", "product_id": "T033242", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:2024.1" } } }, { "category": "product_version_range", "name": "for mac \u003c2024.1", "product": { "name": "Foxit PDF Editor for mac \u003c2024.1", "product_id": "T033243", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:for_mac_2024.1" } } }, { "category": "product_version_range", "name": "\u003c11.2.9", "product": { "name": "Foxit PDF Editor \u003c11.2.9", "product_id": "T034414", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:11.2.9" } } }, { "category": "product_version_range", "name": "\u003c12.1.5", "product": { "name": "Foxit PDF Editor \u003c12.1.5", "product_id": "T034415", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:12.1.5" } } }, { "category": "product_version_range", "name": "\u003c13.1", "product": { 
"name": "Foxit PDF Editor \u003c13.1", "product_id": "T034416", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:13.1" } } }, { "category": "product_version_range", "name": "\u003c2024.2", "product": { "name": "Foxit PDF Editor \u003c2024.2", "product_id": "T034417", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:2024.2" } } }, { "category": "product_version_range", "name": "for Mac \u003c11.1.7", "product": { "name": "Foxit PDF Editor for Mac \u003c11.1.7", "product_id": "T034418", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:for_mac__11.1.7" } } }, { "category": "product_version_range", "name": "for Mac \u003c12.1.3", "product": { "name": "Foxit PDF Editor for Mac \u003c12.1.3", "product_id": "T034419", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:for_mac__12.1.3" } } }, { "category": "product_version_range", "name": "for Mac \u003c13.1", "product": { "name": "Foxit PDF Editor for Mac \u003c13.1", "product_id": "T034420", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:for_mac__13.1" } } }, { "category": "product_version_range", "name": "for Mac \u003c2024.2", "product": { "name": "Foxit PDF Editor for Mac \u003c2024.2", "product_id": "T034421", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:pdf_editor:for_mac__2024.2" } } } ], "category": "product_name", "name": "PDF Editor" }, { "branches": [ { "category": "product_version_range", "name": "\u003c2024.1", "product": { "name": "Foxit Reader \u003c2024.1", "product_id": "T033241", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:foxit_reader:2024.1" } } }, { "category": "product_version_range", "name": "for mac \u003c2024.1", "product": { "name": "Foxit Reader for mac \u003c2024.1", "product_id": "T033244", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:foxit_reader:for_mac__2024.1" } } }, { "category": "product_version_range", 
"name": "\u003c2024.2", "product": { "name": "Foxit Reader \u003c2024.2", "product_id": "T034422", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:foxit_reader:2024.2" } } }, { "category": "product_version_range", "name": "for Mac \u003c2024.2", "product": { "name": "Foxit Reader for Mac \u003c2024.2", "product_id": "T034423", "product_identification_helper": { "cpe": "cpe:/a:foxitsoftware:foxit_reader:for_mac__2024.2" } } } ], "category": "product_name", "name": "Reader" } ], "category": "vendor", "name": "Foxit" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-25575", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-25575" }, { "cve": "CVE-2024-25648", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." 
} ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-25648" }, { "cve": "CVE-2024-25858", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-25858" }, { "cve": "CVE-2024-25938", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-25938" }, { "cve": "CVE-2024-30322", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30322" }, { "cve": "CVE-2024-30323", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30323" }, { "cve": "CVE-2024-30324", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30324" }, { "cve": "CVE-2024-30325", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30325" }, { "cve": "CVE-2024-30326", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30326" }, { "cve": "CVE-2024-30327", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30327" }, { "cve": "CVE-2024-30328", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30328" }, { "cve": "CVE-2024-30329", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30329" }, { "cve": "CVE-2024-30330", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30330" }, { "cve": "CVE-2024-30331", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30331" }, { "cve": "CVE-2024-30332", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30332" }, { "cve": "CVE-2024-30333", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30333" }, { "cve": "CVE-2024-30334", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30334" }, { "cve": "CVE-2024-30335", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30335" }, { "cve": "CVE-2024-30336", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30336" }, { "cve": "CVE-2024-30337", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30337" }, { "cve": "CVE-2024-30338", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30338" }, { "cve": "CVE-2024-30339", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30339" }, { "cve": "CVE-2024-30340", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30340" }, { "cve": "CVE-2024-30341", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30341" }, { "cve": "CVE-2024-30342", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30342" }, { "cve": "CVE-2024-30343", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30343" }, { "cve": "CVE-2024-30344", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30344" }, { "cve": "CVE-2024-30345", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30345" }, { "cve": "CVE-2024-30346", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30346" }, { "cve": "CVE-2024-30347", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30347" }, { "cve": "CVE-2024-30348", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30348" }, { "cve": "CVE-2024-30349", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30349" }, { "cve": "CVE-2024-30350", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30350" }, { "cve": "CVE-2024-30351", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30351" }, { "cve": "CVE-2024-30352", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30352" }, { "cve": "CVE-2024-30353", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30353" }, { "cve": "CVE-2024-30354", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30354" }, { "cve": "CVE-2024-30355", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30355" }, { "cve": "CVE-2024-30356", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30356" }, { "cve": "CVE-2024-30357", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30357" }, { "cve": "CVE-2024-30358", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30358" }, { "cve": "CVE-2024-30359", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30359" }, { "cve": "CVE-2024-30360", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30360" }, { "cve": "CVE-2024-30361", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30361" }, { "cve": "CVE-2024-30362", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30362" }, { "cve": "CVE-2024-30363", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30363" }, { "cve": "CVE-2024-30364", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30364" }, { "cve": "CVE-2024-30365", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30365" }, { "cve": "CVE-2024-30366", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30366" }, { "cve": "CVE-2024-30367", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. 
Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30367" }, { "cve": "CVE-2024-30371", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-30371" }, { "cve": "CVE-2024-32488", "notes": [ { "category": "description", "text": "In Foxit Reader und Foxit PDF Editor existieren mehrere Schwachstellen. Diese beruhen unter anderem auf Use-After-Free- oder Out-of-Bounds-Read/Write-Problemen, Nullpointer-Referenzierungen, Typverwechslungen und ungen\u00fcgenden \u00dcberpr\u00fcfungen von Updates. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Rechte zu erweitern, Code Auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen. 
Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T033241", "T033244", "T033242", "T033243" ] }, "release_date": "2024-03-04T23:00:00Z", "title": "CVE-2024-32488" } ] }
cve-2024-30325
Vulnerability from cvelistv5
Published
2024-04-03 16:21
Modified
2024-08-08 21:07
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22592.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-314/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:06.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-314", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-314/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThan": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30325", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T17:50:53.283933Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T21:07:07.508Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.401-05:00", "datePublic": "2024-03-28T07:38:19.824-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22592." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:21:32.080Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-314", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-314/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30325", "datePublished": "2024-04-03T16:21:32.080Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": "2024-08-08T21:07:07.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30323
Vulnerability from cvelistv5
Published
2024-04-03 16:21
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-301/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30323", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T17:36:00.882639Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:18:20.667Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.024Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-301", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-301/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.383-05:00", "datePublic": "2024-03-28T07:37:21.584-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:21:07.052Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-301", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-301/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30323", "datePublished": "2024-04-03T16:21:07.052Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": "2024-08-02T01:32:07.024Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30338
Vulnerability from cvelistv5
Published
2024-04-02 20:11
Modified
2024-08-08 21:08
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22705.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-319/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.141Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-319", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-319/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThan": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30338", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T20:07:07.357336Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T21:08:45.356Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.501-05:00", "datePublic": "2024-03-28T07:38:47.088-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22705." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:11:07.857Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-319", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-319/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30338", "datePublished": "2024-04-02T20:11:07.857Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-08T21:08:45.356Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30335
Vulnerability from cvelistv5
Published
2024-04-02 17:48
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22641.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-304/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30335", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-02T20:02:11.298688Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:17:39.928Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-304", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-304/" }, { 
"name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.477-05:00", "datePublic": "2024-03-28T07:37:33.493-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22641." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T17:48:13.134Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-304", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-304/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30335", "datePublished": "2024-04-02T17:48:13.134Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-02T01:32:07.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30337
Vulnerability from cvelistv5
Published
2024-04-02 20:10
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22704.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-318/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30337", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T17:18:52.570Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.114Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-318", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-318/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.495-05:00", "datePublic": "2024-03-28T07:38:42.930-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22704." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:10:46.578Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-318", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-318/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30337", "datePublished": "2024-04-02T20:10:46.578Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-02T01:32:07.114Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30361
Vulnerability from cvelistv5
Published
2024-04-02 20:17
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22877.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-338/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30361", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:07:35.621Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-338", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-338/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.650-05:00", "datePublic": "2024-03-28T07:40:09.655-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22877." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:17:53.853Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-338", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-338/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30361", "datePublished": "2024-04-02T20:17:53.853Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.130Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30357
Vulnerability from cvelistv5
Published
2024-04-02 20:16
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-331/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30357", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:12:46.634Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.168Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-331", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-331/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.625-05:00", "datePublic": "2024-03-28T07:39:36.689-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-843", "description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:16:10.523Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-331", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-331/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30357", "datePublished": "2024-04-02T20:16:10.523Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.168Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30346
Vulnerability from cvelistv5
Published
2024-04-02 20:13
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-324/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30346", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T17:53:26.170Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.288Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-324", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-324/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.552-05:00", "datePublic": "2024-03-28T07:39:06.501-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:13:32.142Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-324", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-324/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30346", "datePublished": "2024-04-02T20:13:32.142Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-02T01:32:07.288Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30342
Vulnerability from cvelistv5
Published
2024-04-02 20:12
Modified
2024-08-12 18:59
Summary
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22720.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-322/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.107Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-322", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-322/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThan": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30342", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T18:18:33.335003Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-12T18:59:09.974Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.528-05:00", "datePublic": "2024-03-28T07:38:58.627-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22720." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:12:08.125Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-322", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-322/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30342", "datePublished": "2024-04-02T20:12:08.125Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-12T18:59:09.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30366
Vulnerability from cvelistv5
Published
2024-04-03 16:24
Modified
2024-08-08 21:06
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23002.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-344/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.051Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-344", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-344/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30366", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T20:01:03.780526Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T21:06:33.758Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.689-05:00", "datePublic": "2024-03-28T07:40:37.655-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23002." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:24:26.378Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-344", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-344/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30366", "datePublished": "2024-04-03T16:24:26.378Z", "dateReserved": "2024-03-26T18:52:36.418Z", "dateUpdated": "2024-08-08T21:06:33.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30329
Vulnerability from cvelistv5
Published
2024-04-03 16:22
Modified
2024-08-27 15:31
Summary
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22634.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-310/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.096Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-310", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-310/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2024-30329", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-27T15:31:16.503015Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-27T15:31:32.268Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.430-05:00", "datePublic": "2024-03-28T07:38:02.461-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22634." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:22:37.379Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-310", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-310/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30329", "datePublished": "2024-04-03T16:22:37.379Z", "dateReserved": "2024-03-26T18:52:36.410Z", "dateUpdated": "2024-08-27T15:31:32.268Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30341
Vulnerability from cvelistv5
Published
2024-04-02 20:11
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22709.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-315/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30341", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T14:18:46.682405Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:43.983Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-315", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-315/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.522-05:00", "datePublic": "2024-03-28T07:38:24.040-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22709." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:11:57.116Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-315", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-315/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30341", "datePublished": "2024-04-02T20:11:57.116Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-02T01:32:07.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30339
Vulnerability from cvelistv5
Published
2024-04-02 20:11
Modified
2024-08-08 21:08
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22706.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-317/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.154Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-317", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-317/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThan": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30339", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T20:06:08.801833Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T21:08:12.597Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.510-05:00", "datePublic": "2024-03-28T07:38:38.473-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22706." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:11:25.499Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-317", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-317/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30339", "datePublished": "2024-04-02T20:11:25.499Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-08T21:08:12.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30364
Vulnerability from cvelistv5
Published
2024-04-02 20:18
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-341/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30364", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T17:26:14.765056Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:38:50.017Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.134Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-341", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-341/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.673-05:00", "datePublic": "2024-03-28T07:40:25.846-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:18:33.776Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-341", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-341/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative" }, "title": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30364", "datePublished": "2024-04-02T20:18:33.776Z", "dateReserved": "2024-03-26T18:52:36.417Z", "dateUpdated": "2024-08-02T01:32:07.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-32488
Vulnerability from cvelistv5
Published
2024-04-15 00:00
Modified
2024-08-09 15:38
Summary
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T02:13:39.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-32488", "options": [ { "Exploitation": "none" }, { 
"Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-15T13:34:40.305398Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-280", "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-09T15:38:30.038Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-15T05:46:38.350554", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.foxit.com/support/security-bulletins.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-32488", "datePublished": "2024-04-15T00:00:00", "dateReserved": "2024-04-15T00:00:00", "dateUpdated": "2024-08-09T15:38:30.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30363
Vulnerability from cvelistv5
Published
2024-04-02 20:18
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-342/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30363", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T15:42:53.142458Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:38:39.086Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.199Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-342", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-342/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.667-05:00", "datePublic": "2024-03-28T07:40:29.961-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:18:20.890Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-342", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-342/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative" }, "title": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30363", "datePublished": "2024-04-02T20:18:20.890Z", "dateReserved": "2024-03-26T18:52:36.417Z", "dateUpdated": "2024-08-02T01:32:07.199Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30362
Vulnerability from cvelistv5
Published
2024-04-02 20:18
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22798.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-339/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30362", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:06:30.872Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-339", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-339/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.659-05:00", "datePublic": "2024-03-28T07:40:16.491-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22798." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:18:04.752Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-339", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-339/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30362", "datePublished": "2024-04-02T20:18:04.752Z", "dateReserved": "2024-03-26T18:52:36.417Z", "dateUpdated": "2024-08-02T01:32:07.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30367
Vulnerability from cvelistv5
Published
2024-04-02 20:27
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-345/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30367", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:05:40.989Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.304Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-345", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-345/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.695-05:00", "datePublic": "2024-03-28T07:40:42.219-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:27:37.842Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-345", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-345/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30367", "datePublished": "2024-04-02T20:27:37.842Z", "dateReserved": "2024-03-26T18:52:36.418Z", "dateUpdated": "2024-08-02T01:32:07.304Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30349
Vulnerability from cvelistv5
Published
2024-04-02 20:14
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22912.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-325/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30349", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:15:22.729Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.202Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-325", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-325/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.571-05:00", "datePublic": "2024-03-28T07:39:10.725-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22912." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:14:09.849Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-325", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-325/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative" }, "title": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30349", "datePublished": "2024-04-02T20:14:09.849Z", "dateReserved": "2024-03-26T18:52:36.413Z", "dateUpdated": "2024-08-02T01:32:07.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30347
Vulnerability from cvelistv5
Published
2024-04-02 20:13
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22910.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-327/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30347", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T14:24:04.547992Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:27.671Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-327", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-327/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.558-05:00", "datePublic": "2024-03-28T07:39:19.390-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22910." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:13:44.724Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-327", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-327/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative" }, "title": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30347", "datePublished": "2024-04-02T20:13:44.724Z", "dateReserved": "2024-03-26T18:52:36.413Z", "dateUpdated": "2024-08-02T01:32:07.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30344
Vulnerability from cvelistv5
Published
2024-04-02 20:12
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-320/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30344", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T17:54:52.781Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.189Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-320", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-320/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.540-05:00", "datePublic": "2024-03-28T07:38:50.787-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:12:54.900Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-320", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-320/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30344", "datePublished": "2024-04-02T20:12:54.900Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-02T01:32:07.189Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30345
Vulnerability from cvelistv5
Published
2024-04-02 20:13
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-323/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30345", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T17:54:45.884Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.060Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-323", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-323/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.546-05:00", "datePublic": "2024-03-28T07:39:02.686-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:13:20.386Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-323", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-323/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30345", "datePublished": "2024-04-02T20:13:20.386Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-02T01:32:07.060Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25858
Vulnerability from cvelistv5
Published
2024-03-05 00:00
Modified
2024-08-19 20:36
Summary
In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:52:05.935Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" }, { "lessThan": "12.1.4.15400", "status": "affected", "version": "12.0", "versionType": "custom" }, { "lessThan": "11.2.8.53842", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-25858", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-06T19:25:28.842861Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-19T20:36:07.306Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { 
"lang": "en", "value": "In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an unoptimized prompt message for users to review parameters of commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-05T20:23:17.918491", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.foxit.com/support/security-bulletins.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-25858", "datePublished": "2024-03-05T00:00:00", "dateReserved": "2024-02-12T00:00:00", "dateUpdated": "2024-08-19T20:36:07.306Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30348
Vulnerability from cvelistv5
Published
2024-04-02 20:13
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-326/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30348", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:15:49.632Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.173Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-326", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-326/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.565-05:00", "datePublic": "2024-03-28T07:39:15.125-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:13:57.509Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-326", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-326/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Mat Powell of Trend Micro Zero Day Initiative" }, "title": "Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30348", "datePublished": "2024-04-02T20:13:57.509Z", "dateReserved": "2024-03-26T18:52:36.413Z", "dateUpdated": "2024-08-02T01:32:07.173Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30365
Vulnerability from cvelistv5
Published
2024-04-02 20:18
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22947.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-343/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30365", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:06:05.070Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-343", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-343/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.681-05:00", "datePublic": "2024-03-28T07:40:33.911-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22947." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:18:43.270Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-343", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-343/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30365", "datePublished": "2024-04-02T20:18:43.270Z", "dateReserved": "2024-03-26T18:52:36.417Z", "dateUpdated": "2024-08-02T01:32:07.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30324
Vulnerability from cvelistv5
Published
2024-04-03 16:21
Modified
2024-08-08 21:07
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22576.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-302/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-302", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-302/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThan": "2023.2.0.21408", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30324", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T20:01:37.860276Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-08T21:07:42.157Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.392-05:00", "datePublic": "2024-03-28T07:37:25.404-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22576." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:21:19.087Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-302", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-302/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30324", "datePublished": "2024-04-03T16:21:19.087Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": "2024-08-08T21:07:42.157Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25575
Vulnerability from cvelistv5
Published
2024-04-30 14:38
Modified
2024-08-01 23:44
Summary
A type confusion vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. Specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site and the browser plugin extension is enabled.
References
Impacted products
Vendor | Product | Version
---|---|---
Foxit | Foxit Reader | 2024.1.0.23997
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "foxit_reader", "vendor": "foxitsoftware", "versions": [ { "lessThanOrEqual": "2024.1.0.23997", "status": "affected", "version": "2024.1.0.23997 ", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-25575", "options": [ { "Exploitation": "PoC" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-03T04:00:19.116944Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:35:31.240Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:44:09.654Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1963", "tags": [ "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1963" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Foxit Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2024.1.0.23997" } ] } ], "credits": [ { "lang": "en", "value": "Discovered by KPC of Cisco Talos." } ], "descriptions": [ { "lang": "en", "value": "A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-843", "description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-30T17:00:07.967Z", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1963", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1963" } ] } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2024-25575", "datePublished": "2024-04-30T14:38:39.114Z", "dateReserved": "2024-03-25T17:27:29.446Z", "dateUpdated": "2024-08-01T23:44:09.654Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30322
Vulnerability from cvelistv5
Published
2024-04-03 16:20
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22499.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-300/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:2023.2.0.21408:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30322", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T18:54:49.816017Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-31T20:27:08.877Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-300", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-300/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.360-05:00", "datePublic": "2024-03-28T07:37:16.377-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22499." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:20:39.122Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-300", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-300/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30322", "datePublished": "2024-04-03T16:20:39.122Z", "dateReserved": "2024-03-26T18:52:36.408Z", "dateUpdated": "2024-08-02T01:32:07.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30354
Vulnerability from cvelistv5
Published
2024-04-02 20:15
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-332/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30354", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:13:30.713Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.280Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-332", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-332/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.606-05:00", "datePublic": "2024-03-28T07:39:40.964-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:15:26.857Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-332", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-332/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30354", "datePublished": "2024-04-02T20:15:26.857Z", "dateReserved": "2024-03-26T18:52:36.414Z", "dateUpdated": "2024-08-02T01:32:07.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30371
Vulnerability from cvelistv5
Published
2024-04-02 20:28
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23355.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-346/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30371", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:05:06.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.236Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-346", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-346/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.721-05:00", "datePublic": "2024-03-28T07:40:49.120-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23355." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:28:59.183Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-346", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-346/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30371", "datePublished": "2024-04-02T20:28:59.183Z", "dateReserved": "2024-03-26T18:52:36.419Z", "dateUpdated": "2024-08-02T01:32:07.236Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30334
Vulnerability from cvelistv5
Published
2024-04-03 16:24
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22640.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-306/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:2023.2.0.21408:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30334", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T18:55:38.361225Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-31T20:26:25.787Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.162Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-306", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-306/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.468-05:00", "datePublic": "2024-03-28T07:37:42.193-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22640." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:24:04.350Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-306", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-306/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30334", "datePublished": "2024-04-03T16:24:04.350Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-02T01:32:07.162Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30336
Vulnerability from cvelistv5
Published
2024-04-02 20:10
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22642.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-303/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.2.0.21408 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30336", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:16:50.237Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.160Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-303", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-303/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.487-05:00", "datePublic": "2024-03-28T07:37:29.727-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22642." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:10:27.749Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-303", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-303/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30336", "datePublished": "2024-04-02T20:10:27.749Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-02T01:32:07.160Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30355
Vulnerability from cvelistv5
Published
2024-04-02 20:15
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22809.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-337/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30355", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T12:27:32.440489Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T19:19:08.403Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-337", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-337/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.613-05:00", "datePublic": "2024-03-28T07:40:05.914-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. 
The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22809." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:15:37.031Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-337", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-337/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30355", "datePublished": "2024-04-02T20:15:37.031Z", "dateReserved": "2024-03-26T18:52:36.414Z", "dateUpdated": "2024-08-02T01:32:07.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30358
Vulnerability from cvelistv5
Published
2024-04-02 20:17
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22821.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-330/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30358", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:18:49.578Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-330", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-330/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.632-05:00", "datePublic": "2024-03-28T07:39:32.462-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22821." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:17:11.501Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-330", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-330/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30358", "datePublished": "2024-04-02T20:17:11.501Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.239Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30351
Vulnerability from cvelistv5
Published
2024-04-02 20:14
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-328/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30351", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:14:38.076Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.133Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-328", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-328/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.586-05:00", "datePublic": "2024-03-28T07:39:23.260-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:14:37.138Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-328", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-328/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30351", "datePublished": "2024-04-02T20:14:37.138Z", "dateReserved": "2024-03-26T18:52:36.413Z", "dateUpdated": "2024-08-02T01:32:07.133Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30353
Vulnerability from cvelistv5
Published
2024-04-02 20:15
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807.
References
URL | Tags |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-334/ | x_research-advisory |
https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
Impacted products
Vendor | Product | Version |
---|---|---|
Foxit | PDF Reader | 2023.3.0.23028 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30353", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:14:24.015Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.264Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-334", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-334/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.601-05:00", "datePublic": "2024-03-28T07:39:49.609-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:15:15.599Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-334", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-334/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30353", "datePublished": "2024-04-02T20:15:15.599Z", "dateReserved": "2024-03-26T18:52:36.414Z", "dateUpdated": "2024-08-02T01:32:07.264Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30327
Vulnerability from cvelistv5
Published
2024-04-03 16:22
Modified
2024-08-27 19:48
Summary
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of template objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22632.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-311/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory

Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-311", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-311/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30327", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T18:18:07.539169Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-27T19:48:02.803Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.416-05:00", "datePublic": "2024-03-28T07:38:06.383-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of template objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22632." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:22:11.355Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-311", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-311/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30327", "datePublished": "2024-04-03T16:22:11.355Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": "2024-08-27T19:48:02.803Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30331
Vulnerability from cvelistv5
Published
2024-04-03 16:23
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22637.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-308/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory

Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.2.55366", "status": "affected", "version": "12.0.0", "versionType": "custom" }, { "lessThanOrEqual": "11.1.6.0109", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "2023.3.0.63083", "status": "affected", "version": "2023.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30331", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA 
Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:02:58.876Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.269Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-308", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-308/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.446-05:00", "datePublic": "2024-03-28T07:37:50.333-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22637." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:23:02.442Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-308", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-308/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30331", "datePublished": "2024-04-03T16:23:02.442Z", "dateReserved": "2024-03-26T18:52:36.410Z", "dateUpdated": "2024-08-02T01:32:07.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30359
Vulnerability from cvelistv5
Published
2024-04-02 20:17
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of 3D objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22888.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-329/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory

Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30359", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:12:00.656Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.216Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-329", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-329/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.639-05:00", "datePublic": "2024-03-28T07:39:27.433-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of 3D objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22888." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:17:26.652Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-329", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-329/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30359", "datePublished": "2024-04-02T20:17:26.652Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25648
Vulnerability from cvelistv5
Published
2024-04-30 14:38
Modified
2024-08-01 23:44
Summary
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
References
Impacted products
Vendor | Product | Version
---|---|---
Foxit | Foxit Reader | 2024.1.0.23997
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxitsoftware:foxit_reader:2024.1.0.23997:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "foxit_reader", "vendor": "foxitsoftware", "versions": [ { "status": "affected", "version": "2024.1.0.23997" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-25648", "options": [ { "Exploitation": "PoC" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-03T04:00:17.480977Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:35:16.481Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:44:09.796Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959", "tags": [ "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Foxit Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2024.1.0.23997" } ] } ], "credits": [ { "lang": "en", "value": "Discovered by KPC of Cisco Talos." } ], "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-30T17:00:07.549Z", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1959" } ] } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2024-25648", "datePublished": "2024-04-30T14:38:39.662Z", "dateReserved": "2024-03-15T11:43:20.146Z", "dateUpdated": "2024-08-01T23:44:09.796Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30340
Vulnerability from cvelistv5
Published
2024-04-02 20:11
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22707.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-321/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory

Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30340", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T12:24:24.369213Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:35.832Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.160Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-321", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-321/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.516-05:00", "datePublic": "2024-03-28T07:38:54.731-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22707." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:11:42.967Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-321", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-321/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30340", "datePublished": "2024-04-02T20:11:42.967Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-08-02T01:32:07.160Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30350
Vulnerability from cvelistv5
Published
2024-04-02 20:14
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-333/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory

Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30350", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T14:57:04.856083Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:05.203Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.120Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-333", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-333/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.578-05:00", "datePublic": "2024-03-28T07:39:45.696-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:14:25.960Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-333", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-333/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30350", "datePublished": "2024-04-02T20:14:25.960Z", "dateReserved": "2024-03-26T18:52:36.413Z", "dateUpdated": "2024-08-02T01:32:07.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-25938
Vulnerability from cvelistv5
Published
2024-04-30 14:38
Modified
2024-08-01 23:52
Summary
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
References
Impacted products
Vendor | Product | Version
---|---|---
Foxit | Foxit Reader | 2024.1.0.23997
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2024.1.0.23997" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-25938", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-30T20:05:23.341015Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:35:29.088Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T23:52:06.115Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1958", "tags": [ "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1958" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Foxit Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2024.1.0.23997" } ] } ], "credits": [ { "lang": "en", "value": "Discovered by KPC of Cisco Talos." } ], "descriptions": [ { "lang": "en", "value": "A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-30T17:00:07.157Z", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1958", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1958" } ] } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2024-25938", "datePublished": "2024-04-30T14:38:40.223Z", "dateReserved": "2024-03-13T09:26:22.222Z", "dateUpdated": "2024-08-01T23:52:06.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30333
Vulnerability from cvelistv5
Published
2024-04-03 16:23
Modified
2024-08-27 13:30
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22639.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-307/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.061Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-307", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-307/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:2023.2.0.21408:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30333", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T19:41:50.667328Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-27T13:30:17.162Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.460-05:00", "datePublic": "2024-03-28T07:37:46.197-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22639." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:23:28.166Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-307", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-307/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30333", "datePublished": "2024-04-03T16:23:28.166Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-27T13:30:17.162Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30356
Vulnerability from cvelistv5
Published
2024-04-02 20:15
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22811.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-336/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30356", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:22:02.884315Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:34.564Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.127Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-336", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-336/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.619-05:00", "datePublic": "2024-03-28T07:39:59.102-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22811." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:15:57.029Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-336", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-336/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30356", "datePublished": "2024-04-02T20:15:57.029Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.127Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30326
Vulnerability from cvelistv5
Published
2024-04-03 16:21
Modified
2024-09-06 18:32
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22593.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-313/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.046Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-313", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-313/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" }, { "lessThanOrEqual": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0", "versionType": "custom" }, { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0", "versionType": "custom" }, { "lessThanOrEqual": "10.1.12.37872", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30326", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-07T17:47:16.540610Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-06T18:32:34.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", 
"vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.409-05:00", "datePublic": "2024-03-28T07:38:15.020-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22593." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:21:52.538Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-313", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-313/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30326", "datePublished": "2024-04-03T16:21:52.538Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": 
"2024-09-06T18:32:34.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30352
Vulnerability from cvelistv5
Published
2024-04-02 20:15
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22800.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-335/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30352", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T19:14:30.707Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.246Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-335", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-335/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.594-05:00", "datePublic": "2024-03-28T07:39:54.461-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22800." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:15:02.950Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-335", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-335/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30352", "datePublished": "2024-04-02T20:15:02.950Z", "dateReserved": "2024-03-26T18:52:36.414Z", "dateUpdated": "2024-08-02T01:32:07.246Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30328
Vulnerability from cvelistv5
Published
2024-04-03 16:22
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22633.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-312/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:2023.2.0.21408:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30328", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-29T13:51:18.312651Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-29T14:10:04.490Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:06.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-312", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-312/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.423-05:00", "datePublic": "2024-03-28T07:38:10.808-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22633." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:22:22.251Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-312", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-312/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30328", "datePublished": "2024-04-03T16:22:22.251Z", "dateReserved": "2024-03-26T18:52:36.409Z", "dateUpdated": "2024-08-02T01:32:06.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30330
Vulnerability from cvelistv5
Published
2024-04-03 16:22
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-309/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.2.0.21408
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30330", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-04T15:58:06.466962Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-16T14:04:33.857Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.050Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-309", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-309/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.439-05:00", "datePublic": "2024-03-28T07:37:56.622-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects in AcroForms. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:22:48.825Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-309", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-309/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30330", "datePublished": "2024-04-03T16:22:48.825Z", "dateReserved": "2024-03-26T18:52:36.410Z", "dateUpdated": "2024-08-02T01:32:07.050Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30343
Vulnerability from cvelistv5
Published
2024-04-02 20:12
Modified
2024-09-06 16:20
Summary
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22721.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-316/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | 2023.3.0.23028
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.056Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-316", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-316/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "affected", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30343", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-07T17:48:52.076437Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-06T16:20:39.305Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.534-05:00", "datePublic": "2024-03-28T07:38:28.815-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22721." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:12:18.694Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-316", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-316/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30343", "datePublished": "2024-04-02T20:12:18.694Z", "dateReserved": "2024-03-26T18:52:36.412Z", "dateUpdated": "2024-09-06T16:20:39.305Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30332
Vulnerability from cvelistv5
Published
2024-04-03 16:23
Modified
2024-08-12 18:58
Summary
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22638.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-305/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | Version: 2023.2.0.21408
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.224Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-305", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-305/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30332", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T20:04:03.613179Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-12T18:58:37.992Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.2.0.21408" } ] } ], "dateAssigned": "2024-03-26T14:40:42.453-05:00", "datePublic": "2024-03-28T07:37:38.323-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. 
The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22638." } ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-03T16:23:12.387Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-305", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-305/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30332", "datePublished": "2024-04-03T16:23:12.387Z", "dateReserved": "2024-03-26T18:52:36.411Z", "dateUpdated": "2024-08-12T18:58:37.992Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30360
Vulnerability from cvelistv5
Published
2024-04-02 20:17
Modified
2024-08-02 01:32
Summary
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22797.
References
URL | Tags
---|---
https://www.zerodayinitiative.com/advisories/ZDI-24-340/ | x_research-advisory
https://www.foxit.com/support/security-bulletins.html | vendor-advisory
Impacted products
Vendor | Product | Version
---|---|---
Foxit | PDF Reader | Version: 2023.3.0.23028
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_reader", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "11.2.8.53842", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThanOrEqual": "12.1.4.15400", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThan": "13.0.1.21693", "status": "affected", "version": "13.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pdf_editor", "vendor": "foxit", "versions": [ { "lessThanOrEqual": "2023.3.0.23028", "status": "affected", "version": "2023.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30360", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-03T13:19:53.298836Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-19T18:08:06.310Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.215Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ZDI-24-340", "tags": [ "x_research-advisory", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-340/" }, { "name": 
"vendor-provided URL", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "PDF Reader", "vendor": "Foxit", "versions": [ { "status": "affected", "version": "2023.3.0.23028" } ] } ], "dateAssigned": "2024-03-26T14:40:42.645-05:00", "datePublic": "2024-03-28T07:40:21.037-05:00", "descriptions": [ { "lang": "en", "value": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22797." 
} ], "metrics": [ { "cvssV3_0": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T20:17:40.995Z", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "name": "ZDI-24-340", "tags": [ "x_research-advisory" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-340/" }, { "name": "vendor-provided URL", "tags": [ "vendor-advisory" ], "url": "https://www.foxit.com/support/security-bulletins.html" } ], "source": { "lang": "en", "value": "Anonymous" }, "title": "Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2024-30360", "datePublished": "2024-04-02T20:17:40.995Z", "dateReserved": "2024-03-26T18:52:36.415Z", "dateUpdated": "2024-08-02T01:32:07.215Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
Author | Source | Type | Date
---|---|---|---
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.