CVSS 3.1 Score 3.3 of 10 (low)


Published May 3, 2024
Updated: May 23, 2024
CWE ID 416


CVE-2023-42093 is a vulnerability known as "Foxit PDF Reader Annotation Use-After-Free Information Disclosure." This vulnerability affects installations of Foxit PDF Reader and can be exploited by remote attackers to disclose sensitive information. To exploit the vulnerability, user interaction is required, such as visiting a malicious page or opening a malicious file. The flaw lies in the handling of Annotation objects, where the lack of validation before performing operations on the object allows an attacker to execute arbitrary code in the current process. The vulnerability has a low base severity score of 3.3 and a low impact score of 1.4, with no privileges required for exploitation and low confidentiality impact. The affected products include various versions of Foxit PDF Reader, identified by their product codes. It is crucial for organizations using Foxit PDF Reader to apply any available patches or updates to remediate this vulnerability and prevent potential information disclosure incidents.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-42093 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options