Share
## https://sploitus.com/exploit?id=CB847F9C-B699-5DC3-96BB-61A9DA149455
# CVE-2022-28672
[](https://twitter.com/HackSysTeam)
[](https://infosec.exchange/@hacksysteam)
[](https://discord.com/invite/ns32uNhaq7)
This bug was `Use after Free` caused by improper handling of javascript object memory references.
## Blog
- [Foxit PDF Reader - UaF - RCE - JIT Spraying](https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672)
## Advisory
- [CVE-2022-28672](https://hacksys.io/advisories/HI-2022-002)
## Demo
[](https://www.youtube.com/watch?v=5K44TxWPKCQ)