CVE-2022-25641: 
Foxit PDF Reader vulnerability analysis and mitigation

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, were found to contain a vulnerability related to the handling of cross-reference information during compressed-object parsing within signed documents (NVD).

The vulnerability has a CVSS v3.1 Base Score of 5.5 (Medium) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N. The issue stems from mishandling cross-reference information during compressed-object parsing within signed documents, which can lead to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack (NVD).

The vulnerability allows attackers to manipulate document content and potentially deliver incorrect signature verification information. This could lead to users trusting and signing manipulated documents, compromising the integrity of signed PDF documents (Foxit Security).

Users are advised to update to Foxit PDF Reader version 11.2.2 or later, Foxit PDF Editor version 11.2.2 or later, and PhantomPDF version 10.1.8 or later to address this vulnerability (Foxit Security).