CVE-2025-55307
LOW 3.3An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing logic, potentially leading to information disclosure or memory corruption.
Affected Applications in Environment
14
Editor
v7.1
1 device
PDF Reader
v2024.3.0.26795
23 devices
PDF Reader
v2024.2.3.25184
3 devices
PDF Reader
v12.1.0.15250
2 devices
PDF Reader
v2024.4.0.27683
1 device
PDF Reader
v2023.2.0.21408
2 devices
PDF Reader
v2023.3.0.23028
2 devices
PDF Reader
v12.0.1.12430
1 device
PDF Reader
v12.0.0.12394
1 device
PDF Reader
v2025.2.1.69005 (2025.2.0.68868)
1 device
PDF Reader
v2024.1.0.23997
1 device
PDF Reader
v1.0.1
1 device
PDF Reader
v2025.1.0.27937
1 device
PDF Reader
v12.1.2.15332
1 device
Affected Devices
41
AIRPORT2312-02
Windows
ATWOOD-453Z1G3
Windows
COX12
Windows
DESKTOP-15U41CQ
Windows
DESKTOP-2UD952N
Windows
DPAPSB-A6183C8S
Windows
DPEBIE-5171H8C
Windows
DPEFSN-2H0KYD3
Windows
DPEMAE-5171VCC
Windows
DPEMAE-7242KJS
Windows
DPEMAE-7242KKC
Windows
DPITED-A7242KKG
Windows
HELIOS
Windows
MICROFILM2000-H
Windows
MXL1172G4V-1877
Windows
MXL1172G4W-1877
Windows
MXL1172G4X-1877
Windows
MXL1172G4Y-1877
Windows
MXL1172G50-1877
Windows
MXL1172G51-1877
Windows
MXL1172G55-1877
Windows
MXL1172G57-1877
Windows
MXL1172G58-1877
Windows
MXL1172G5D-1877
Windows
MXL1172G5F-1877
Windows
MXL1172G5G-1883
Windows
MXL1172G5H-1877
Windows
MXL1172G5J-1877
Windows
MXL1172G5K-1877
Windows
MXL1172G5N-1877
Windows
MXL1172G5V-1877
Windows
MXL1172G5Z-1877
Windows
MXL1172G62-1877
Windows
MXL1172G64-1877
Windows
MXL1314RT5-1883
Windows
MXL1314RTV-1883
Windows
MXL1314RV3-1883
Windows
SGOSNEYLAPTOP
Windows
USULOAN257
Windows
USULOAN386
Windows
a02459287-GCN22J0PJ7
Mac