Use-After-Free Vulnerability in Foxit PDF Reader and Editor
CVE-2021-41783
7.8HIGH
Summary
A use-after-free vulnerability exists in Foxit PDF Reader, PDF Editor, and PhantomPDF due to improper handling of JavaScript. This flaw can be exploited to execute arbitrary code by attackers, compromising the integrity of systems using affected versions before updates were applied. Users are encouraged to upgrade to the latest versions to mitigate risks associated with this vulnerability.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved