Unrated severityNVD Advisory· Published Dec 22, 2020· Updated Aug 4, 2024
CVE-2020-13557
CVE-2020-13557
Description
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Foxit Software/Foxit PDF Readerdescription
- Range: =10.1.0.37527
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2020-1171mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.