Home
HIGH: 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HDefault status
unaffected
Versions 2026.1.1 and earlier
affected
Versions 14.0.4 and earlier
affected
Versions 13.2.4 and earlier
affected
Default status
unaffected
Versions 2026.1.1 and earlier
affected
Description
When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release.
Problem types
CWE-763 Release of invalid pointer or reference
Product status
Versions 2026.1.1 and earlier
Versions 14.0.4 and earlier
Versions 13.2.4 and earlier
Versions 2026.1.1 and earlier
Credits
XuPeng
References
www.foxit.com/support/security-bulletins.html