7.8
CVE-2025-66499
- EPSS 0.05%
- Veröffentlicht 19.12.2025 07:16:03
- Zuletzt bearbeitet 23.12.2025 17:37:17
- Quelle 14984358-7092-470d-8f34-ade47a
- CVE-Watchlists
- Unerledigt
A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Foxit ≫ Pdf Editor Version <= 13.2.1.23955
Foxit ≫ Pdf Editor Version >= 14.0.0.33046 <= 14.0.1.33197
Foxit ≫ Pdf Editor Version >= 2023.1.0.15510 <= 2023.3.0.23028
Foxit ≫ Pdf Editor Version >= 2024.1.0.23997 <= 2024.4.1.27687
Foxit ≫ Pdf Editor Version >= 2025.1.0.27937 <= 2025.2.1.33197
Foxit ≫ Pdf Reader Version <= 2025.2.1.33197
Foxit ≫ Pdf Editor Version <= 13.2.1.63315
Foxit ≫ Pdf Editor Version >= 14.0.0.33046 <= 14.0.1.69005
Foxit ≫ Pdf Editor Version >= 2023.1.0.15510 <= 2023.3.0.63083
Foxit ≫ Pdf Editor Version >= 2024.1.0.23997 <= 2024.4.1.66479
Foxit ≫ Pdf Editor Version >= 2025.1.0.27937 <= 2025.2.1.69005
Foxit ≫ Pdf Reader Version <= 2025.2.1.69005
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.147 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 14984358-7092-470d-8f34-ade47a7658a2 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.