PT-2025-50621 · Foxit · Foxit Pdf/Editor 2025+1
Milan Kyselica
·
Published
2025-12-11
·
Updated
2025-12-11
·
CVE-2025-55313
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit PDF and Editor versions prior to 13.2
Foxit PDF and Editor 2025 versions prior to 2025.2
Description
The software contains a flaw related to insufficient handling of memory allocation failures after a large value is assigned to a form field's
charLimit property through JavaScript. This can lead to memory corruption and potentially allow an attacker to execute arbitrary code by tricking a user into opening a specially crafted file.Recommendations
Update Foxit PDF and Editor to version 13.2 or later.
Update Foxit PDF and Editor 2025 to version 2025.2 or later.
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Editor
Foxit Pdf/Editor 2025