An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subtype entry of the Annotation dictionary, in an incremental update.
CPE name | Operator | Version
---|---|---
foxit_reader | lt | 10.1.1
foxit_reader | lt | 4.1.1
phantompdf | lt | 9.7.5
phantompdf | ge | 10.0.0
phantompdf | lt | 10.1.1
phantompdf | lt | 4.1.1
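
A defender-side triage check for the condition in the description above, as an added example that is not Foxit's code or part of the original advisory: it scans the bytes appended after the first `%%EOF` for annotation dictionaries whose `/Subtype` is `null`. The function names, the sample bytes and the use of the first `%%EOF` as the revision boundary are assumptions; objects inside compressed object streams are not inspected.

```python
import re

# Added example: heuristic triage over uncompressed PDF objects only.
# Assumption: the first %%EOF ends the original revision (not true for
# linearized files; for a certified file the signature ByteRange is the
# authoritative boundary).
EOF_RE = re.compile(rb"%%EOF")
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.S)
NAME_ESC_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
ANNOT_HINT_RE = re.compile(rb"/Type\s*/Annot\b|/Rect\s*\[")
NULL_SUBTYPE_RE = re.compile(rb"/Subtype\s+null\b")


def incremental_region(pdf: bytes) -> bytes:
    """Return everything appended after the first %%EOF marker."""
    m = EOF_RE.search(pdf)
    return pdf[m.end():] if m else b""


def decode_name_escapes(body: bytes) -> bytes:
    """Undo #xx escapes so /Sub#74ype is compared as /Subtype."""
    return NAME_ESC_RE.sub(lambda m: bytes([int(m.group(1), 16)]), body)


def find_null_subtype_annots(pdf: bytes) -> list:
    """List (obj, gen) of updated annotation objects with /Subtype null."""
    hits = []
    for m in OBJ_RE.finditer(incremental_region(pdf)):
        body = decode_name_escapes(m.group(3))
        if ANNOT_HINT_RE.search(body) and NULL_SUBTYPE_RE.search(body):
            hits.append((int(m.group(1)), int(m.group(2))))
    return hits


# Constructed sample (not a valid certified PDF): one revision plus an update.
SAMPLE = (
    b"%PDF-1.7\n"
    b"4 0 obj\n<< /Type /Annot /Subtype /Text /Rect [0 0 9 9] >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"
    b"7 0 obj\n<< /Type /Annot /Subtype null /Rect [0 0 9 9] >>\nendobj\n"
    b"8 0 obj\n<< /Type /Annot /Sub#74ype null /Rect [0 0 9 9] >>\nendobj\n"
    b"9 0 obj\n<< /Type /Annot /Subtype /Highlight /Rect [0 0 9 9] >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for num, gen in find_null_subtype_annots(SAMPLE):
        print(f"object {num} {gen}: annotation with /Subtype null in update")
```

A hit is a reason to inspect the file with a full PDF parser before trusting its certification status; an empty result does not clear a file that uses object streams.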