Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-37332 PoC — Foxit PDF Reader 资源管理错误漏洞

Source
https://github.com/SpiralBL0CK/CVE-2022-37332-RCE-
Associated Vulnerability
Title:Foxit PDF Reader 资源管理错误漏洞 (CVE-2022-37332)
Description:A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.
Description
CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING .....
Readme
Foxit nday :)

CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING .....

also tested on Version:  9.0.1.1049 so yeahh idk :) enjoy
File Snapshot

 [4.0K]  /data/pocs/e67548f6fb1f1a7dfd45cefadcf0f365dbd5e6fd
├── [ 144]  README.md
├── [4.6K]  spray_jit.js
└── [1.1K]  uaf.js

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →