Foxit Reader Memory Corruption Vulnerability Leading to Arbitrary Code Execution
Vulnerability
A memory corruption vulnerability has been identified in Foxit Reader version 2025.1.0.27937. This issue arises from the use of an uninitialized pointer, which can be exploited by specially crafted JavaScript embedded in a malicious PDF document. The vulnerability allows for memory corruption, potentially leading to arbitrary code execution. Exploitation requires the user to open the malicious PDF or visit a crafted website with the Foxit Reader browser plugin enabled.
Impact
Exploitation of this vulnerability causes a memory corruption error, allowing for arbitrary code execution on the affected system.
Reproduction
The vulnerability can be reproduced by opening a malicious PDF file containing specially crafted JavaScript code that exploits the uninitialized pointer issue. Alternatively, the vulnerability can be triggered by visiting a malicious website with the Foxit Reader browser plugin active, where the crafted JavaScript is executed.
Remediation
Users are advised to update to the latest version of Foxit Reader, as the vulnerability has been patched in the version released on August 13, 2025.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.