Foxit Reader Use-After-Free Vulnerability Can Lead to Arbitrary Code Execution
CVE-2024-28888

8.8HIGH

Key Information:

Vendor: Foxit
Status: Foxit Reader
Vendor: CVE Published:; 2 October 2024

Summary

A use-after-free vulnerability exists in Foxit Reader, specifically in the handling of checkbox field objects. Attackers can exploit this flaw by embedding specially crafted JavaScript code in malicious PDF documents, which can lead to memory corruption and arbitrary code execution on the victim's system. Users can be targeted through social engineering to open these malicious files, or by visiting malicious websites where the risk increases if the browser's Foxit Reader plugin is enabled. Awareness and caution are essential to mitigate the risk posed by this vulnerability.

Affected Version(s)

Foxit Reader 2024.1.0.23997

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.foxit.com/support/security-bulletins.html

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 2, 2024

Credit

Discovered by KPC of Cisco Talos.