Vulnerabilities in Foxit Reader or PDF Editor endanger macOS and Windows computers. In the worst case, attackers can execute malicious code.
Advertisement
The developers warn in the security section of the websitethat attackers can initiate attacks using certain manipulated objects in PDF files. It can be assumed that victims will have to open such a file. An attack is therefore not easily possible.
In addition, errors can occur when processing user input, which triggers a memory error (out-of-bounds). Malicious code can then get onto systems. The developers do not currently list CVE numbers or the risk posed by the gaps. The following versions are equipped against the attacks described:
- macOS and Windows: Foxit PDF Reader/PDF Editor 2023.3
(of)