Lucene search
ZhangJiaxing(@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin GroupZDI-21-1181HistoryOct 15, 2021 - 12:00 a.m.
Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
2021-10-1500:00:00
ZhangJiaxing(@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group
www.zerodayinitiative.com
14
foxit pdf reader
annotation
out-of-bounds read
remote code execution
user interaction
EPSS
0.001
Percentile
16.2%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
nvd
nvd
CVE-2021-34950
2024-05-07 23:15:08
cvelist
cvelist
cnvd
cnvd
Foxit PDF Reader Remote Code Execution Vulnerability (CNVD-2021-100584)
2021-10-19 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2021-34950
2024-05-07 23:15:08
nessus
nessus
Foxit PDF Reader < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PDF Editor < 11.1 Multiple Vulnerabilities
2021-10-12 00:00:00
Foxit PhantomPDF < 10.1.6 Multiple Vulnerabilities
2021-11-29 00:00:00
kaspersky
kaspersky
KLA12317 Multiple vulnerabilities in Foxit Reader
2021-10-12 00:00:00
openvas
openvas
Foxit PhantomPDF Multiple Vulnerabilities (June-7 2024)
2024-06-21 00:00:00
Foxit Reader Multiple Vulnerabilities (June-6 2024)
2024-06-21 00:00:00