all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-37383 (pdf_editor, pdf_reader)

Add to bookmarks
March 29, 2023, 7:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary …

11.2 actions attackers code context current cve doc end exploit file flaw foxit handling information javascript malicious object pdf pdf reader performing process reader sensitive information target trigger vulnerabilities vulnerability zdi

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Advisory Red Consultant

@ Security Risk Advisors | Philadelphia, Pennsylvania, United States
View on infosec-jobs.com

Cyber Business Transformation Change Analyst

@ National Grid | Warwick, GB, CV34 6DA
View on infosec-jobs.com

Cyber Security Analyst

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Associate Administrator, Cyber Security Governance (Fort Myers)

@ Millennium Physician Group | Fort Myers, FL, United States
View on infosec-jobs.com

Embedded GSOC Lead Operator, Events

@ Sibylline Ltd | Seattle, WA, United States
View on infosec-jobs.com
View more jobs