As per the security section of Foxit’s website, the versions Foxit PDF Editor 12.0.1 and Foxit PDF Reader 12.0.1 for macOS and Windows must be secured against malicious code attacks. Attackers could also use DoS attacks to crash applications or access data without authorization.
What attacks could look like in detail is not clear from the brief descriptions. It often reads as if victims had to open specially crafted PDF documents in order for memory corruption to occur and attackers to be able to run their own code.
Concrete information about the gaps is also missing. The emergency team of the Federal Office for Information Security (BSI) CERT Bund classifies the vulnerabilities as “critical” a.