216.73.216.36

CVE-2025-66499

· Published 19/12/2025 07:16 · Modified 23/12/2025 17:37

Labels: CVE-2025-66499 14984358-7092-470d-8f34-ade47a7658a22025-12-19CVE-2025-66499

Essential information

Published
19/12/2025 07:16
Modified
23/12/2025 17:37
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
14984358-7092-470d-8f34-ade47a7658a2
NVD
View on NVD

Affected products (CPE)

ProductCPE
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf reader cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
microsoft / windows cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf editor cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
foxit / pdf reader cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
apple / macos cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

References