Information Disclosure Vulnerability in Foxit PDF Reader
CVE-2024-30340

Currently unrated

Key Information:

Vendor: Foxit Software
Status: Foxit PDF Reader
Vendor: CVE Published:; 2 April 2024

🔔 Create Foxit Software Vulnerability Alert

What is CVE-2024-30340?

The Foxit PDF Reader contains a vulnerability associated with the handling of Annotation objects leading to potential information disclosure. When users are exposed to manipulated files or malicious web pages, improper validation of user-supplied data may occur. This flaw can allow remote attackers to read sensitive information beyond the allocated buffer, potentially aiding in the exploitation of further vulnerabilities. Users of Foxit PDF Reader are advised to remain vigilant and apply necessary updates to secure their systems against this risk.

References

https://www.zerodayinitiative.com/advisories/ZDI-24-321/

https://www.foxit.com/support/security-bulletins.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 2, 2024