Security updates available in Foxit PDF Editor 11.2.4įoxit has released Foxit PDF Editor 11.2.4, which addresses potential security and stability issues.įor more information, please contact the Foxit Security Response Team at. This occurs due to the use of object or pointer that has been freed when executing certain JavaScripts in PDF files. fzip file.Īddressed potential issues where the application could be exposed to Use-after-Free vulnerability and crash, which could be exploited by attackers to execute remote code.
This occurs as the application fails to validate the file when updating a plugin with the. This occurs due to the array access violation when handling certain PDF files containing a field that is formatted as “Percent” with an overly large value, or due to the infinite recursion resulting from the self-referenced object or incorrect hierarchy structure of nodes when handling certain PDF or XFA files.Īddressed a potential issue where the application could be exposed to Arbitrary File Execution vulnerability. This occurs due to the use of null pointer without proper validation when parsing certain PDF files that contain the invalid Page object, or access of the array outside the bounds resulting from the logic error when parsing certain PDF files whose colSpan attribute is set beyond the maximum length allowed.Īddressed potential issues where the application could be exposed to Stack Overrun or Stack Exhaustion vulnerability and crash, which could be exploited by attackers to cause a denial of service. Mat Powell of Trend Micro Zero Day InitiativeĪddressed potential issues where the application could be exposed to Null Pointer Dereference vulnerability and crash, which could be exploited by attackers to cause a denial of service.This occurs as the application accesses the array or iterator outside the bounds, or uses the wild pointer or object that has been freed without proper validation. Addressed potential issues where the application could be exposed to Read Access Violation, Use-after-Free, or Out-of-Bounds Read vulnerability and crash when parsing certain U3D files, which could be exploited by attackers to execute remote code or disclose information.
0 kommentar(er)
