Use-After-Free Vulnerability in Foxit PDF Reader and Editor
CVE-2021-41782

7.8HIGH

Key Information:

Vendor
Foxit
Vendor
CVE Published:
29 August 2022

Summary

Foxit PDF Reader, PDF Editor, and PhantomPDF prior to specified versions are susceptible to a use-after-free vulnerability. This issue arises when JavaScript is improperly processed, allowing attackers to potentially execute arbitrary code on affected systems. It is crucial for users to update their software to mitigate risks associated with this vulnerability.

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.