Description
When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is repeated after the form is reset. During this process, the application failed to adequately verify the validity of the form objects and their internal dictionary pointers, resulting in accessing internal members of invalid or improperly initialized fields. This led to an illegal pointer read, ultimately causing the application to crash.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.foxit.com/support/security-bulletins.html |
|
History
Wed, 08 Jul 2026 08:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is repeated after the form is reset. During this process, the application failed to adequately verify the validity of the form objects and their internal dictionary pointers, resulting in accessing internal members of invalid or improperly initialized fields. This led to an illegal pointer read, ultimately causing the application to crash. | |
| Title | Foxit Editor/Reader List Box Format Use-After-Free Vulnerability | |
| Weaknesses | CWE-416 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: Foxit
Published:
Updated: 2026-07-08T07:35:59.810Z
Reserved: 2026-06-24T03:01:18.718Z
Link: CVE-2026-57256
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses