Stack-Based Buffer Overflow in Foxit PDF Reader and Editor (Versions before 11.2.1) via XFA Subform and Draw Substrings

Stack-Based Buffer Overflow in Foxit PDF Reader and Editor (Versions before 11.2.1) via XFA Subform and Draw Substrings

CVE-2022-24954 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have a Stack-Based Buffer Overflow related to XFA, for the 'subform colSpan="-2"' and 'draw colSpan="1"' substrings.

Learn more about our Web Application Penetration Testing UK.