CVE-2023-42093
CVSS 3.1 Score 3.3 of 10 (low)
Details
Summary
CVE-2023-42093 is a vulnerability known as "Foxit PDF Reader Annotation Use-After-Free Information Disclosure." This vulnerability affects installations of Foxit PDF Reader and can be exploited by remote attackers to disclose sensitive information. To exploit the vulnerability, user interaction is required, such as visiting a malicious page or opening a malicious file. The flaw lies in the handling of Annotation objects, where the lack of validation before performing operations on the object allows an attacker to execute arbitrary code in the current process. The vulnerability has a low base severity score of 3.3 and a low impact score of 1.4, with no privileges required for exploitation and low confidentiality impact. The affected products include various versions of Foxit PDF Reader, identified by their product codes. It is crucial for organizations using Foxit PDF Reader to apply any available patches or updates to remediate this vulnerability and prevent potential information disclosure incidents.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions