CVE-2024-28888 - Foxit Reader Checkbox Use-After-Free (Arbitrary Code Execution)

CVE ID : CVE-2024-28888 Published : Oct. 2, 2024, 9:15 p.m. | 2 hours, 29 minutes ago Description : A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Autor

Okt 3, 2024 - 01:45

0 1

CVE-2024-28888 - Foxit Reader Checkbox Use-After-Free (Arbitrary Code Execution)

CVE ID : CVE-2024-28888
Published : Oct. 2, 2024, 9:15 p.m. | 2 hours, 29 minutes ago
Description : A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2024-28888 - Foxit Reader Checkbox Use-After-Free (Arbitrary Code Execution)

Tags:

Verwandte Beiträge

Follow Us

Popular Posts

Recommended Posts

Popular Tags