CVE-2024-9246
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-9246 is a vulnerability affecting Foxit PDF Reader's handling of Annotation objects. This issue allows remote attackers to disclose sensitive information by inducing an out-of-bounds read. User interaction is necessary for exploitation, as the target must either visit a malicious webpage or open a crafted PDF file. The root cause is insufficient validation of user-supplied data, leading to a read beyond the allocated buffer. This vulnerability, identified as ZDI-CAN-24135, can potentially be combined with other flaws to execute arbitrary code in the context of the current process.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.