CVE-2021-33793
First published: Wed Aug 11 2021(Updated: )
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foxitsoftware Foxit Reader | <10.1.4 | |
| Foxitsoftware Phantompdf | <10.1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this security issue in Foxit Reader and PhantomPDF?
The vulnerability ID for this security issue in Foxit Reader and PhantomPDF is CVE-2021-33793.
What is the severity of CVE-2021-33793?
The severity of CVE-2021-33793 is critical with a CVSS score of 9.8.
What is the affected software?
The affected software includes Foxit Reader versions up to 10.1.4 and PhantomPDF versions up to 10.1.4.
How does the vulnerability in Foxit Reader and PhantomPDF occur?
The vulnerability in Foxit Reader and PhantomPDF is caused by an out-of-bounds write during Office document conversion due to mishandling of the Cross-Reference table.
Is there a fix available for CVE-2021-33793?
Yes, a fix is available for CVE-2021-33793. Users should update to Foxit Reader version 10.1.4 or later, or PhantomPDF version 10.1.4 or later.
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/foxitsoftware
- canonical/foxitsoftware foxit reader
- canonical/foxitsoftware phantompdf