Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2023-38115

3.3LOW

Key Information:

Vendor

Foxit
Status
PDF Reader
Vendor
CVE Published:
3 May 2024

What is CVE-2023-38115?

An Out-Of-Bounds Read vulnerability has been identified in Foxit PDF Reader, specifically within its handling of Doc objects. This flaw arises due to insufficient validation of user-supplied data, allowing potential read access beyond the allocated buffer. An attacker can exploit this issue by persuading a user to visit a malicious webpage or open a compromised file, thereby exposing sensitive information contained in the application. This vulnerability may be leveraged in conjunction with other weaknesses to execute arbitrary code within the context of the affected process. For further details, refer to the security bulletins provided by Foxit Software and the Zero Day Initiative advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PDF Reader 12.1.2.15332

References

https://www.zerodayinitiative.com/advisories/ZDI-23-993/
x_research-advisory
https://www.foxit.com/support/security-bulletins.html
vendor-advisory

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.