Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38097

Nov. 21, 2022, 4:15 p.m. |

National Vulnerability Database nist.gov

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. By prematurely destroying annotation objects, a specially-crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.

cve cve-2022-38097

Senior Cloud Security Engineer

@ HelloFresh | Berlin, Germany

Senior Security Engineer

@ Reverb | Remote, US

I.S. Security Analyst

@ YVFWC | Yakima, WA

Secure Key Infrastructure Development Security Engineer

@ Block | San Francisco, CA, United States

DevSecOps Engineer - TOP SECRET Clearance Required - Colorado Springs/Denver/Pueblo

@ Spry Squared, Inc. | Colorado Springs, CO, United States

C002548 Cyber Security Technical Support (NS) - FRI 9 Dec

@ EMW, Inc. | Mons, Wallonia, Belgium

Staff Information Security Engineer – Vulnerability Management

@ ServiceNow | Kirkland, Washington, United States

Staff Security Developer - FEDERAL Experience - PYTHON or JavaScript

@ ServiceNow | Kirkland, Washington, United States

Information Security Analyst

@ The Very Group | Liverpool, England, United Kingdom

PKI Engineer (Venafi)

@ NBCUniversal | Universal City, CALIFORNIA, United States

Governance Risk & Compliance (GRC) Analyst II (Entry Level)

@ Vericast | San Antonio, TX, United States

Hybrid Security Operations Networks Engineer

@ NECSWS | Nottingham, United Kingdom