7.8
CVE-2025-55312
- EPSS 0.01%
- Veröffentlicht 11.12.2025 00:00:00
- Zuletzt bearbeitet 18.12.2025 21:34:22
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memory corruption, application crashes, and potentially allow an attacker to execute arbitrary code.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Foxit ≫ Pdf Editor Version <= 13.1.7.63027
Foxit ≫ Pdf Editor Version >= 2023.1.0.55583 <= 2023.3.0.63083
Foxit ≫ Pdf Editor Version >= 2024.1.0.63682 <= 2024.4.1.66479
Foxit ≫ Pdf Editor Version2025.1.0.66692
Foxit ≫ Pdf Reader Version <= 2025.1.0.66692
Foxit ≫ Pdf Editor Version >= 2023.1.0.15510 <= 2023.3.0.23028
Foxit ≫ Pdf Editor Version >= 2024.1.0.23997 <= 2024.4.1.27687
Foxit ≫ Pdf Editor Version2025.1.0.27937
Foxit ≫ Pdf Reader Version <= 2025.1.0.27937
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.009 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.