CVE-2022-37379: 
Foxit PDF Reader vulnerability analysis and mitigation

This vulnerability (CVE-2022-37379) affects Foxit PDF Reader version 11.2.1.53537. The vulnerability allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The issue specifically exists within the handling of the AFSpecial_KeystrokeEx method (Zero Day Initiative).

The vulnerability stems from the lack of validating the existence of an object prior to performing operations on the object within the AFSpecial_KeystrokeEx method. The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) by NVD, while Zero Day Initiative rated it with a Base Score of 3.3 LOW (Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) (NVD).

The vulnerability can lead to the disclosure of sensitive information on affected installations of Foxit PDF Reader. An attacker can leverage this vulnerability in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process (Zero Day Initiative).

Foxit has issued an update to correct this vulnerability. Users should update their installations to the latest version through the vendor's official website or through the application's update mechanism (Foxit Security Bulletins).