Remote Code Execution Vulnerability in Foxit PDF Reader's AcroForm Handling
CVE-2024-12752

Currently unrated

Key Information:

Vendor

Foxit
Status
PDF Reader
Vendor
CVE Published:
30 December 2024

What is CVE-2024-12752?

A vulnerability exists within Foxit PDF Reader related to the handling of AcroForms, wherein insufficient validation of user-supplied data can lead to memory corruption. This flaw enables remote attackers to execute arbitrary code on affected installations. Exploitation requires user interaction, as it necessitates the opening of a malicious file or visiting a harmful web page. Severity of impact arises from the potential execution of code within the context of the current process, posing serious security risks to users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PDF Reader 2024.2.3.25184

References

https://www.zerodayinitiative.com/advisories/ZDI-24-1738/
x_research-advisory
https://www.foxit.com/support/security-bulletins.html
vendor-advisory

Timeline

  • Vulnerability published

JSON
.