AI Score
Confidence
Low
EPSS
Percentile
28.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
[
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_reader",
"versions": [
{
"status": "affected",
"version": "-",
"versionType": "custom",
"lessThanOrEqual": "11.0.1.49938"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:-:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "-",
"versionType": "custom",
"lessThanOrEqual": "10.1.5.37672"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:11.0.1.49938:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "11.0.1.49938"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:11.0.0.49893:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "11.0.0.49893"
}
],
"defaultStatus": "unknown"
}
]