Foxit Pdf Editor vulnerabilities

CVE-2022-24370 [MEDIUM] CWE-125 CVE-2022-24370: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA forms. The i

CVE-2022-24954 [CRITICAL] CWE-787 CVE-2022-24954: Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

CVE-2022-24955 [CRITICAL] CWE-427 CVE-2022-24955: Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path E Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search Path Element for DLL files.

CVE-2021-45978 [HIGH] CWE-78 CVE-2021-45978: Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via xfa.host.gotoURL in the XFA API.

CVE-2021-45979 [HIGH] CWE-78 CVE-2021-45979: Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.

CVE-2021-45980 [HIGH] CVE-2021-45980: Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary cod Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.