CVE-2022-24954
published 2022-02-11CVE-2022-24954: Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxit | pdf_editor | <= 10.1.6.37749 | — |
| foxit | pdf_editor | 11.0.1.0719 – 11.2.0.53415 | — |
| foxit | pdf_reader | <= 11.1.0.52543 | — |