PT-2025-50616 · Foxit · Foxit Pdf/Editor 2025+1
Published
2025-12-11
·
Updated
2026-01-06
·
CVE-2025-55308
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit PDF and Editor versions prior to 13.2
Foxit PDF and Editor 2025 versions prior to 2025.2
Description
A crafted PDF file containing JavaScript code that invokes the
closeDoc() function while internal objects are still in use can trigger a use-after-free condition. This can lead to memory corruption and potential information disclosure when the PDF is opened. The closeDoc() function is called prematurely, releasing internal objects before they are no longer needed.Recommendations
Update Foxit PDF and Editor to version 13.2 or later.
Update Foxit PDF and Editor 2025 to version 2025.2 or later.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Editor
Foxit Pdf/Editor 2025