Lucene search
HistoryAug 29, 2022 - 5:15 a.m.
CVE-2021-41781
cve-2021-41781
foxit pdf reader
foxit pdf editor
phantompdf
use-after-free
javascript
security vulnerability
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.7%
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Affected configurations
Node
foxitpdf_editorRange11.0–11.1
ORfoxitpdf_readerRange11.0–11.1
ORfoxitphantompdfRange<10.1.6
microsoftwindowsMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| foxit:pdf_editor | foxit pdf editor | lt | 11.1 |
| foxit:pdf_reader | foxit pdf reader | lt | 11.1 |
| foxit:phantompdf | foxit phantompdf | lt | 10.1.6 |
Social References
More
Related
nvd
nvd
CVE-2021-41781
2022-08-29 05:15:07
cvelist
cvelist
CVE-2021-41781
2022-08-29 04:54:23
prion
prion
Design/Logic Flaw
2022-08-29 05:15:00
srcincite
srcincite
nessus
nessus
Foxit PDF Reader < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PDF Editor < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PhantomPDF < 10.1.6 Multiple Vulnerabilities
2021-11-29 00:00:00
kaspersky
kaspersky
KLA12317 Multiple vulnerabilities in Foxit Reader
2021-10-12 00:00:00
openvas
openvas
Foxit PhantomPDF Multiple Vulnerabilities (June-7 2024)
2024-06-21 00:00:00
Foxit Reader Multiple Vulnerabilities (June-6 2024)
2024-06-21 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
28.7%
Related for CVE-2021-41781