CNNVD-202508-2524 Information
CNNVD ID
CNNVD-202508-2524
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Foxit PDF Reader是中国福昕(Foxit)公司的一款PDF阅读器。 Foxit PDF Reader 4.2.0.0928之前版本存在安全漏洞,该漏洞源于未正确检查PDF信息字典中的Title条目,可能导致执行任意代码。
Description (English)
Foxit PDF Reader is a PDF reader for Foxit. The previous version of Foxit PDF Reader 4.2.0.0928 had a security loophole, which originated from an incorrect check of the Title entries in the PDF information dictionary and could lead to the implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
福昕
Published
2025-08-20
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/foxit-pdf-reader-title-stack-buffer-overflow https://www.foxit.com/pdf-reader/version-history.html https://www.exploit-db.com/exploits/16621 https://www.exploit-db.com/exploits/15532 https://www.exploit-db.com/exploits/15514/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/foxit_title_bof.rb https://nvd.nist.gov/vuln/detail/CVE-2010-20010
Patch
https://www.foxit.com/pdf-reader/version-history.html
Share on: