PT-2025-50622 · Foxit · Foxit Pdf Editor+1
Published
2025-12-11
·
Updated
2025-12-11
·
CVE-2025-55314
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Foxit PDF and Editor versions prior to 13.2
Foxit PDF and Editor 2025 versions prior to 2025.2
Description
A flaw exists in Foxit PDF and Editor where deleting pages in a PDF document using JavaScript can cause the application to fail to update its internal states correctly. This can lead to issues when managing annotations, as the application assumes the internal states are valid, potentially resulting in memory corruption and application crashes. Exploitation could allow an attacker to execute arbitrary code. The issue involves dereferencing invalid or released memory.
Recommendations
Update Foxit PDF and Editor to version 13.2 or later.
Update Foxit PDF and Editor 2025 to version 2025.2 or later.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Foxit Pdf Editor
Foxit Pdf/Editor 2025