PT-2022-6199 · Foxit · Foxit PDF Reader
Aleksandar Nikolic · Published 2022-01-31 · Updated 2022-06-16 · CVE-2022-22150
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Foxit PDF Reader version 11.1.0.52543
Description
A memory corruption issue exists in the JavaScript engine of Foxit PDF Reader. A specially crafted PDF document can trigger an exception that is improperly handled, leaving the engine in an invalid state. This can lead to memory corruption and arbitrary code execution. An attacker can exploit this by tricking a user into opening a malicious file or, if the browser plugin extension is enabled, by having the user visit a specially crafted malicious site.
Recommendations
For Foxit PDF Reader version 11.1.0.52543, consider disabling the JavaScript engine to prevent exploitation until a patch is available. Restrict access to malicious PDF documents and avoid visiting untrusted websites with the browser plugin extension enabled. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Handling of Exceptional Conditions
Related Identifiers
Affected Products
Foxit PDF Reader