CVE-2025-66499

HIGH

7.8

Beschreibung

A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.

CVE Details

CVSS v3.1 Bewertung7.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht12/19/2025

Zuletzt geandert12/23/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:macosfoxit:pdf_editorfoxit:pdf_readermicrosoft:windows

Schwachen (CWE)

CWE-190

Referenzen

https://www.foxit.com/support/security-bulletins.html(14984358-7092-470d-8f34-ade47a7658a2)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.