Foxit Software PDF Editor 12.0.0
Approved changes feed: RSS · Atom
cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*
part: a version: 12.0.0 update: *
| Vendor | Foxit (3778a6df-af29-5bee-a995-959672e13d77) |
|---|---|
| Product | Pdf Editor (9ffd62d3-3123-511f-93d6-d83211921c55) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-32488 |
vulnerable | 2026-06-03 14:55:41.132702 |
Details available
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
Published: 2024-04-15T00:00:00.000Z
Updated: 2024-08-09T15:38:30.038Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30371 |
vulnerable | 2026-06-03 14:55:37.849352 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23355.
Published: 2024-04-02T20:28:59.183Z
Updated: 2024-08-02T01:32:07.236Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30367 |
vulnerable | 2026-06-03 14:55:37.787249 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23013.
Published: 2024-04-02T20:27:37.842Z
Updated: 2024-08-02T01:32:07.304Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30365 |
vulnerable | 2026-06-03 14:55:37.785890 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22947.
Published: 2024-04-02T20:18:43.270Z
Updated: 2024-08-02T01:32:07.171Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30362 |
vulnerable | 2026-06-03 14:55:37.783771 |
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22798.
Published: 2024-04-02T20:18:04.752Z
Updated: 2024-08-02T01:32:07.262Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30361 |
vulnerable | 2026-06-03 14:55:37.782995 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22877.
Published: 2024-04-02T20:17:53.853Z
Updated: 2024-08-02T01:32:07.130Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30360 |
vulnerable | 2026-06-03 14:55:37.782296 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22797.
Published: 2024-04-02T20:17:40.995Z
Updated: 2024-08-02T01:32:07.215Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30359 |
vulnerable | 2026-06-03 14:55:37.781648 |
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of 3D objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22888.
Published: 2024-04-02T20:17:26.652Z
Updated: 2024-08-02T01:32:07.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30358 |
vulnerable | 2026-06-03 14:55:37.781029 |
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22821.
Published: 2024-04-02T20:17:11.501Z
Updated: 2024-08-02T01:32:07.239Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30357 |
vulnerable | 2026-06-03 14:55:37.780356 |
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22818.
Published: 2024-04-02T20:16:10.523Z
Updated: 2024-08-02T01:32:07.168Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30354 |
vulnerable | 2026-06-03 14:55:37.778953 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22808.
Published: 2024-04-02T20:15:26.857Z
Updated: 2024-08-02T01:32:07.280Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30353 |
vulnerable | 2026-06-03 14:55:37.777946 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807.
Published: 2024-04-02T20:15:15.599Z
Updated: 2024-08-02T01:32:07.264Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30352 |
vulnerable | 2026-06-03 14:55:37.777131 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22800.
Published: 2024-04-02T20:15:02.950Z
Updated: 2024-08-02T01:32:07.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30351 |
vulnerable | 2026-06-03 14:55:37.776447 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22799.
Published: 2024-04-02T20:14:37.138Z
Updated: 2024-08-02T01:32:07.133Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30349 |
vulnerable | 2026-06-03 14:55:37.775272 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22912.
Published: 2024-04-02T20:14:09.849Z
Updated: 2024-08-02T01:32:07.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30348 |
vulnerable | 2026-06-03 14:55:37.774629 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911.
Published: 2024-04-02T20:13:57.509Z
Updated: 2024-08-02T01:32:07.173Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30346 |
vulnerable | 2026-06-03 14:55:37.773630 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22745.
Published: 2024-04-02T20:13:32.142Z
Updated: 2024-08-02T01:32:07.288Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30345 |
vulnerable | 2026-06-03 14:55:37.773011 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22742.
Published: 2024-04-02T20:13:20.386Z
Updated: 2024-08-02T01:32:07.060Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30344 |
vulnerable | 2026-06-03 14:55:37.772332 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22733.
Published: 2024-04-02T20:12:54.900Z
Updated: 2024-08-02T01:32:07.189Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30337 |
vulnerable | 2026-06-03 14:55:37.768804 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Acroforms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22704.
Published: 2024-04-02T20:10:46.578Z
Updated: 2024-08-02T01:32:07.114Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30336 |
vulnerable | 2026-06-03 14:55:37.768164 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22642.
Published: 2024-04-02T20:10:27.749Z
Updated: 2024-08-02T01:32:07.160Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30335 |
vulnerable | 2026-06-03 14:55:37.767617 |
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22641.
Published: 2024-04-02T17:48:13.134Z
Updated: 2024-08-02T01:32:07.241Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30331 |
vulnerable | 2026-06-03 14:55:37.765580 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22637.
Published: 2024-04-03T16:23:02.442Z
Updated: 2024-08-02T01:32:07.269Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30323 |
vulnerable | 2026-06-03 14:55:37.756400 |
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501.
Published: 2024-04-03T16:21:07.052Z
Updated: 2024-08-02T01:32:07.024Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38116 |
vulnerable | 2026-06-03 14:52:30.319716 |
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
LOW (3.3)
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21292.
Published: 2024-05-03T01:59:14.507Z
Updated: 2024-08-02T17:30:14.037Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38111 |
vulnerable | 2026-06-03 14:52:30.315344 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
HIGH (7.8)
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21025.
Published: 2024-05-03T01:59:10.625Z
Updated: 2024-08-02T17:30:14.065Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.