CVE-2021-41783: Use After Free
First published: Mon Aug 29 2022(Updated: )
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foxit PDF Editor | >=11.0<11.1 | |
| Foxit PDF Reader | >=11.0<11.1 | |
| Foxit PhantomPDF | <10.1.6 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-41783.
What is the severity of CVE-2021-41783?
The severity of CVE-2021-41783 is rated as high (7.8).
Which software versions are affected by CVE-2021-41783?
Foxit PDF Reader versions before 11.1, PDF Editor versions before 11.1, and PhantomPDF versions before 10.1.6 are affected by CVE-2021-41783.
How can an attacker exploit CVE-2021-41783?
An attacker can exploit CVE-2021-41783 by triggering a use-after-free vulnerability and executing arbitrary code due to mishandling of JavaScript.
Where can I find more information about CVE-2021-41783?
More information about CVE-2021-41783 can be found on the Foxit website's security bulletins page.
- collector/nvd-index
- agent/weakness
- vendor/foxit
- canonical/foxit pdf editor
- version/foxit pdf editor/11.0
- canonical/foxit pdf reader
- version/foxit pdf reader/11.0
- canonical/foxit phantompdf
- vendor/microsoft
- canonical/microsoft windows