First published: Mon Jul 18 2022(Updated: )
Credit: zdi-disclosures@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Foxit PDF Editor | <=10.1.7.37777 | |
Foxit PDF Editor | >=11.0<=11.2.1.53537 | |
Foxit PDF Reader | <=11.2.1.53537 | |
Microsoft Windows | ||
Foxit PDF Reader |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-28669 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537.
This vulnerability occurs when a user visits a malicious page or opens a malicious file, which triggers a use-after-free flaw within the handling of Doc objects in Foxit PDF Reader.
The severity of CVE-2022-28669 is high with a CVSS score of 7.8.
Foxit PDF Reader versions up to and including 11.2.1.53537 are affected.
No, Microsoft Windows is not affected by this vulnerability.
To fix CVE-2022-28669, users should upgrade to the latest version of Foxit PDF Reader, which has addressed this vulnerability.