CVE-2025-55308
published 2025-12-11CVE-2025-55308: An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while…
medium6.7CVSS 3.1
AVLACHPRLUIRSUCHIHAH
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may lead to memory corruption, potentially resulting in information disclosure when the PDF is opened.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxit | pdf_editor | <= 13.1.7.23637 | — |
| foxit | pdf_editor | — | — |
| foxit | pdf_editor | 2023.1.0.15510 – 2023.3.0.23028 | — |
| foxit | pdf_editor | 2024.1.0.23997 – 2024.4.1.27687 | — |
| foxit | pdf_reader | <= 2025.1.0.27937 | — |