CVE-2025-66498

Medium CVSS: 5.3

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.

Vendor

Foxit

Product

Pdf Editor

CWE

CWE-125

Yayın Tarihi

2025-12-19 07:16:02

Güncelleme

2025-12-23 17:37:08

Source Identifier

14984358-7092-470d-8f34-ade47a7658a2

KEV Date Added

Kategoriler

CWE-125 Pdf Editor MEDIUM Foxit 2025

Referanslar

https://www.foxit.com/support/security-bulletins.html

Benzer Kayıtlar

Medium

CVE-2026-1592

Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature.…

Medium

CVE-2026-1591

Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the file upload feature. A ma…

Medium

CVE-2025-66520

A stored cross-site scripting (XSS) vulnerability exists in the Portfolio feature of the Foxit PDF Editor cloud (pdfonli…

Medium

CVE-2025-66521

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Trusted Certificates feature.…

Medium

CVE-2025-66522

A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud…

Medium

CVE-2025-66501

A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Predefined Text feature of th…