First published: Mon Aug 29 2022(Updated: )
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Foxit PDF Editor | >=11.0<11.1 | |
Foxit PDF Reader | >=11.0<11.1 | |
Foxit PhantomPDF | <10.1.6 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-41783.
The severity of CVE-2021-41783 is rated as high (7.8).
Foxit PDF Reader versions before 11.1, PDF Editor versions before 11.1, and PhantomPDF versions before 10.1.6 are affected by CVE-2021-41783.
An attacker can exploit CVE-2021-41783 by triggering a use-after-free vulnerability and executing arbitrary code due to mishandling of JavaScript.
More information about CVE-2021-41783 can be found on the Foxit website's security bulletins page.