CVE-2025-55307

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Foxit PDF and Editor versions prior to 13.2 Foxit PDF and Editor 2025 versions prior to 2025.2

Description An issue exists in Foxit PDF and Editor that may lead to information disclosure or memory corruption. This can occur when opening a malicious PDF file containing a crafted JavaScript call to the search.query() function. The issue is triggered by a crafted cDIPath parameter (for example, "/") which causes an out-of-bounds read in the internal path-parsing logic.

Recommendations Update Foxit PDF and Editor to version 13.2 or later. Update Foxit PDF and Editor 2025 to version 2025.2 or later.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2025-55307

Affected Products

Foxit Pdf Editor

Foxit Pdf/Editor 2025

CVE-2025-55307

Weakness Enumeration

Related Identifiers

Affected Products

References · 7