Skip to main content

Pdf Editor CVE-2024-30367

HIGH
Use After Free (CWE-416)
2024-04-02 zdi-disclosures@trendmicro.com
7.8
CVSS 3.0 · Vendor: trendmicro
Share

Severity by source

Vendor (trendmicro) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from Vendor (trendmicro) · only source for this CVE.

CVSS VectorVendor: trendmicro

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 02, 2024 - 21:15 cve.org
HIGH 7.8

DescriptionCVE.org

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013.

AnalysisAI

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.

CVE-2022-28104 CRITICAL POC
9.8 May 20

Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability. Rated critical severity (CVSS

CVE-2024-49576 HIGH POC
8.8 Dec 18

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. Rated

CVE-2024-47810 HIGH POC
8.8 Dec 18

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. Rated high severi

CVE-2024-25938 HIGH POC
8.8 Apr 30

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. Rated high severi

CVE-2024-25648 HIGH POC
8.8 Apr 30

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. Rated high sever

CVE-2024-25575 HIGH POC
8.8 Apr 30

A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. Rated

CVE-2024-29072 HIGH POC
8.2 May 28

A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. Rated high severity (CVSS 8.2), this vul

CVE-2022-26979 HIGH POC
7.5 Aug 06

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a NULL pointer dereference when this.Span is used for

CVE-2022-27944 HIGH POC
7.5 Aug 06

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. Rated high

CVE-2021-38563 CRITICAL
9.8 Aug 11

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. Rated critical severity (CVSS 9.

CVE-2022-27359 MEDIUM POC
5.5 May 05

Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer dereference. Rated medium

CVE-2021-38564 CRITICAL
9.1 Aug 11

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. Rated critical severity (CVSS 9.

Share

CVE-2024-30367 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy