Foxit · Foxit PDF Editor · CVE-2025-59802
**Name of the Vulnerable Software and Affected Versions**
Foxit PDF Editor and Reader versions prior to 2025.2.1
**Description**
The software allows for signature spoofing through the use of Optional Content Groups (OCG). When OCGs are supported, the state property of an OCG is runtime-only and is not included in the digital signature computation. An attacker can use JavaScript or PDF triggers to change the visibility of OCG content after signing, modifying the visual content of a signed PDF without invalidating the signature. This can lead to a discrepancy between the signed content and what is displayed to the signer or verifier, potentially compromising the trustworthiness of the digital signature.
**Recommendations**
Update to version 2025.2.1 or later.
Update to version 14.0.1 or later.
Update to version 13.2.1 or later.
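
For triage alongside patching, the following added example (not Foxit's code and not part of the original advisory) flags signed PDFs that combine optional content with a `SetOCGState` action or JavaScript, the condition the Description identifies. The function names, the 8 MiB inflate cap and the sample bytes are assumptions constructed for illustration.

```python
import re
import zlib

# PDF name tokens tied to the advisory (names come from the PDF specification).
MARKERS = {
    "signature": rb"/ByteRange\s*\[",          # signature dictionary
    "ocg": rb"/OCProperties\b",                # document uses optional content
    "set_ocg_state": rb"/SetOCGState\b",       # action that flips OCG visibility
    "javascript": rb"/JavaScript\b|/JS\b",     # script that could flip it
    "trigger": rb"/OpenAction\b|/AA\b",        # automatic action triggers
}
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)
MAX_INFLATE = 8 * 1024 * 1024  # cap per stream so a hostile file cannot exhaust memory


def searchable_bytes(pdf: bytes) -> bytes:
    """Return raw bytes plus every stream that inflates (covers object streams)."""
    parts = [pdf]
    for match in STREAM_RE.finditer(pdf):
        try:
            parts.append(zlib.decompressobj().decompress(match.group(1), MAX_INFLATE))
        except zlib.error:
            continue  # not Flate data (image, encrypted, other filter)
    return b"\n".join(parts)


def triage(pdf: bytes) -> dict:
    """Flag signed PDFs whose OCG visibility can change at view time."""
    data = searchable_bytes(pdf)
    found = {name: bool(re.search(rx, data)) for name, rx in MARKERS.items()}
    dynamic = found["set_ocg_state"] or found["javascript"]
    found["review"] = found["signature"] and found["ocg"] and dynamic
    return found


# Constructed samples: token skeletons for the scanner, not valid signed PDFs.
_ACTION = zlib.compress(b"<< /S /SetOCGState /State [/Toggle 7 0 R] >>")
SAMPLE_FLAGGED = (
    b"%PDF-1.7\n1 0 obj << /Type /Catalog /OCProperties << /OCGs [7 0 R] >>"
    b" /OpenAction 9 0 R >> endobj\n"
    b"5 0 obj << /Type /Sig /ByteRange [0 100 200 300] >> endobj\n"
    b"9 0 obj << /Filter /FlateDecode >>\nstream\n" + _ACTION + b"\nendstream endobj\n"
)
SAMPLE_STATIC = SAMPLE_FLAGGED.replace(_ACTION, b"")

if __name__ == "__main__":
    for label, sample in (("flagged", SAMPLE_FLAGGED), ("static", SAMPLE_STATIC)):
        print(label, triage(sample))
```

A `review` hit means the file warrants manual inspection in a patched viewer, not that it was tampered with. Names written with `#xx` hex escapes and streams using filters other than Flate are not covered by this scan.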