Foxit Pdf Editor vulnerabilities
256 known vulnerabilities affecting foxit/pdf_editor.
Total CVEs: 256
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 192, MEDIUM 31, LOW 30
Vulnerabilities
Page 1 of 13
CVE-2025-66499 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +8 more | 2025-12-19
CVE-2025-66499 [HIGH] CWE-190
A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-13941 | HIGH | CVSS 8.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +3 more | 2025-12-19
CVE-2025-13941 [HIGH] CWE-732
A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in executio
nvd
CVE-2025-66498 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +3 more | 2025-12-19
CVE-2025-66498 [MEDIUM] CWE-125
A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66495 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +8 more | 2025-12-19
CVE-2025-66495 [HIGH] CWE-416
A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-66497 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +8 more | 2025-12-19
CVE-2025-66497 [MEDIUM] CWE-125
A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66493 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +3 more | 2025-12-19
CVE-2025-66493 [HIGH] CWE-416
A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1, 14.0.1 and 13.2.1 on Windows. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary
nvd
CVE-2025-66496 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +3 more | 2025-12-19
CVE-2025-66496 [MEDIUM] CWE-125
A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66494 | HIGH | CVSS 7.8 | ≤ 13.2.1.23955 | ≥ 14.0.0.33046, ≤ 14.0.1.33197 | +3 more | 2025-12-19
CVE-2025-66494 [HIGH] CWE-416
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-55313 | HIGH | CVSS 7.8 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | ≥ 2024.1.0.23997, ≤ 2024.4.1.27687 | +5 more | 2025-12-11
CVE-2025-55313 [HIGH] CWE-94
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after assigning an extremely large value to a form field's charLimit property via Java
nvd
CVE-2025-55314 | HIGH | CVSS 7.8 | ≤ 13.1.7.23637 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | +2 more | 2025-12-11
CVE-2025-55314 [HIGH] CWE-476
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lea
nvd
CVE-2025-59802 | HIGH | CVSS 7.5 | ≤ 13.2.0.63256 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +10 more | 2025-12-11
CVE-2025-59802 [HIGH] CWE-290
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamically change the visibility of OCG content after signing (
nvd
CVE-2025-55312 | HIGH | CVSS 7.8 | ≤ 13.1.7.63027 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +5 more | 2025-12-11
CVE-2025-55312 [HIGH] CWE-476
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memor
nvd
CVE-2025-55310 | HIGH | CVSS 7.3 | ≤ 13.1.7.63027 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +6 more | 2025-12-11
CVE-2025-55310 [HIGH] CWE-494
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other
nvd
CVE-2025-59803 | MEDIUM | CVSS 5.3 | ≤ 13.2.0.63256 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +10 more | 2025-12-11
CVE-2025-59803 [MEDIUM] CWE-347
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional
nvd
CVE-2025-55309 | MEDIUM | CVSS 6.7 | ≤ 13.1.7.63027 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +6 more | 2025-12-11
CVE-2025-55309 [MEDIUM] CWE-416
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, result
nvd
CVE-2025-55308 | MEDIUM | CVSS 6.7 | ≤ 13.1.7.23637 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | +2 more | 2025-12-11
CVE-2025-55308 [MEDIUM] CWE-416
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may lead to memory corruption, potentially resulting in information disclosur
nvd
CVE-2025-55311 | MEDIUM | CVSS 6.5 | ≤ 13.1.7.63027 | ≥ 2023.1.0.55583, ≤ 2023.3.0.63083 | +6 more | 2025-12-11
CVE-2025-55311 [MEDIUM] CWE-347
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification by hiding document modifications, allowing an attacker
nvd
CVE-2025-55307 | LOW | CVSS 3.3 | ≤ 13.1.7.23637 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | +2 more | 2025-12-11
CVE-2025-55307 [LOW] CWE-125
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing logic, potentially leading to information disclosure or memory corruption.
nvd
CVE-2025-9330 | HIGH | CVSS 7.8 | ≤ 13.1.7.23637 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | +2 more | 2025-09-02
CVE-2025-9330 [HIGH] CWE-427
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
T
nvd
CVE-2025-9326 | HIGH | CVSS 7.8 | ≤ 13.1.7.23637 | ≥ 2023.1.0.15510, ≤ 2023.3.0.23028 | +6 more | 2025-09-02
CVE-2025-9326 [HIGH] CWE-125
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
nvd