PT-2025-34318 · Foxit · Foxit Pdf Reader
Mat Powell
·
Published
2025-03-25
·
Updated
2025-10-29
·
CVE-2025-9326
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit PDF Reader (affected versions not specified)
Foxit PDF Editor (affected versions not specified)
Description
The software contains a flaw in the parsing of PRC files, leading to an out-of-bounds read. Exploitation of this issue could allow a remote attacker to execute arbitrary code on affected systems. User interaction is required, specifically the need for a user to open a malicious file or visit a malicious page. The issue stems from insufficient validation of user-supplied data during PRC file parsing, resulting in a read past the end of an allocated buffer. An attacker can potentially leverage this to execute code within the context of the current process.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Reader