Lucene search
DoHyun Lee(@l33d0hyun)ZDI-22-1049HistoryAug 05, 2022 - 12:00 a.m.
Foxit PDF Editor JavaScript Optimization Type Confusion Remote Code Execution Vulnerability
2022-08-0500:00:00
DoHyun Lee(@l33d0hyun)
www.zerodayinitiative.com
15
vulnerability
remote code execution
foxit pdf editor
javascript optimization
type confusion
user interaction
0.015 Low
EPSS
Percentile
86.9%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JavaScript optimizations. The issue results from an improper optimization, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cnvd
cnvd
Foxit PDF Editor Remote Code Execution Vulnerability (CNVD-2023-23560)
2023-03-31 00:00:00
prion
prion
Type confusion
2023-03-29 19:15:00
cve
cve
CVE-2022-37377
2023-03-29 19:15:15
nvd
nvd
CVE-2022-37377
2023-03-29 19:15:15
cvelist
cvelist
CVE-2022-37377
2023-03-29 00:00:00
nessus
nessus
Foxit PDF Editor < 12.0.1 Multiple Vulnerabilities
2022-07-29 00:00:00
Foxit PDF Reader < 12.0.1 Multiple Vulnerabilities
2022-07-29 00:00:00
Foxit PDF Editor < 11.2.3 Multiple Vulnerabilities
2022-08-26 00:00:00
kaspersky
kaspersky
KLA12598 Multiple vulnerabilities in Foxit Reader
2022-07-29 00:00:00