CVE-2024-9252
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-9252 is an AcroForm use-after-free information disclosure vulnerability in Foxit PDF Reader. It enables remote attackers to disclose sensitive data on vulnerable installations. Exploitation requires user interaction: the user must visit a malicious webpage or open a malicious file. The root cause is that the existence of an object is not validated before operations are performed on it. An attacker can combine this vulnerability with others to execute arbitrary code within the current process. The vulnerability was originally reported as ZDI-CAN-24491 and underscores the importance of keeping software updated.