CVE-2023-32664
published 2023-07-19CVE-2023-32664: A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxit | foxit_reader | — | — |
| foxit | pdf_reader | — | — |