Lucene search
HistoryAug 29, 2022 - 5:15 a.m.
CVE-2021-41784
foxit
pdf reader
cve-2021-41784
use-after-free
vulnerability
javascript
arbitrary code
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.7%
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Affected configurations
Node
foxitpdf_editorRange11.0–11.1
ORfoxitpdf_readerRange11.0–11.1
ORfoxitphantompdfRange<10.1.6
microsoftwindowsMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| foxit:pdf_editor | foxit pdf editor | lt | 11.1 |
| foxit:pdf_reader | foxit pdf reader | lt | 11.1 |
| foxit:phantompdf | foxit phantompdf | lt | 10.1.6 |
Social References
More
Related
srcincite
srcincite
prion
prion
Design/Logic Flaw
2022-08-29 05:15:00
cvelist
cvelist
CVE-2021-41784
2022-08-29 04:54:05
nvd
nvd
CVE-2021-41784
2022-08-29 05:15:08
nessus
nessus
Foxit PDF Reader < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PDF Editor < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PhantomPDF < 10.1.6 Multiple Vulnerabilities
2021-11-29 00:00:00
openvas
openvas
Foxit Reader Multiple Vulnerabilities (June-6 2024)
2024-06-21 00:00:00
Foxit PhantomPDF Multiple Vulnerabilities (June-7 2024)
2024-06-21 00:00:00
kaspersky
kaspersky
KLA12317 Multiple vulnerabilities in Foxit Reader
2021-10-12 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.7%
Related for CVE-2021-41784