CVE-2024-28888

EUVD-2024-25955

02.10.2024, 21:15

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox  field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
CISA-ADP	ADP	8.8 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 88%

Affected Products (NVD)

Vendor	Product	Version
foxit	pdf_reader	2024.1.0.23997

𝑥

= Vulnerable software versions

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
foxitsoftware	foxit_reader	2024.1.0.23997	ADP

Known Exploits!

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1967

Common Weakness Enumeration

CWE-416 - Use After Free
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1967

https://www.foxit.com/support/security-bulletins.html

https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1967