What is the severity of CVE-2022-22150?

CVE-2022-22150 is classified as a critical vulnerability due to the potential for memory corruption and arbitrary code execution.

How do I fix CVE-2022-22150?

To fix CVE-2022-22150, update to the latest version of Foxit PDF Reader that addresses this vulnerability.

What versions of Foxit PDF Reader are affected by CVE-2022-22150?

CVE-2022-22150 affects Foxit PDF Reader version 11.1.0.52543 specifically.

What type of vulnerability is CVE-2022-22150?

CVE-2022-22150 is a memory corruption vulnerability within the JavaScript engine of Foxit PDF Reader.

Can exploitation of CVE-2022-22150 lead to remote code execution?

Yes, exploitation of CVE-2022-22150 can potentially lead to remote code execution due to improper exception handling.

Vulnerability/
CVE-2022-22150

high

8.8

CWE

755 460

4/2/2022

3/8/2024

CVE-2022-22150

First published: Fri Feb 04 2022(Updated: )

A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.

Credit: talos-cna@cisco.com

Affected Software	Affected Version	How to fix
Foxit Reader	=11.1.0.52543

Never miss a vulnerability like this again

Reference Links

https://talosintelligence.com/vulnerability_reports/TALOS-2022-1439

Frequently Asked Questions

What is the severity of CVE-2022-22150?
CVE-2022-22150 is classified as a critical vulnerability due to the potential for memory corruption and arbitrary code execution.
How do I fix CVE-2022-22150?
To fix CVE-2022-22150, update to the latest version of Foxit PDF Reader that addresses this vulnerability.
What versions of Foxit PDF Reader are affected by CVE-2022-22150?
CVE-2022-22150 affects Foxit PDF Reader version 11.1.0.52543 specifically.
What type of vulnerability is CVE-2022-22150?
CVE-2022-22150 is a memory corruption vulnerability within the JavaScript engine of Foxit PDF Reader.
Can exploitation of CVE-2022-22150 lead to remote code execution?
Yes, exploitation of CVE-2022-22150 can potentially lead to remote code execution due to improper exception handling.

agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/foxit
canonical/foxit reader
version/foxit reader/11.1.0.52543

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.