Multiple vulnerabilities in Foxit Reader and Foxit PhantomPDF
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 24 |
| CVE-ID | CVE-2021-21831 CVE-2021-21870 CVE-2021-21893 CVE-2021-34846 CVE-2021-34841 CVE-2021-34839 CVE-2021-34838 CVE-2021-34837 CVE-2021-34836 CVE-2021-34851 CVE-2021-34835 CVE-2021-34834 CVE-2021-34852 CVE-2021-34847 CVE-2021-34832 CVE-2021-34831 CVE-2021-34853 CVE-2021-34840 CVE-2021-34845 CVE-2021-34844 CVE-2021-34843 CVE-2021-34842 CVE-2021-34833 |
| CWE-ID | CWE-416 CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Foxit PDF Reader for Windows Client/Desktop applications / Office applications Foxit PDF Editor (formerly Foxit PhantomPDF) Client/Desktop applications / Office applications |
| Vendor | Foxit Software Inc. |
Security Bulletin
This security bulletin contains information about 24 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU55325
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-21831
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling certain Javascripts or annotation objects in PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use-after-free
EUVDB-ID: #VU55327
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-21870
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling certain Javascripts or annotation objects in PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU55326
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-21893
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the "event.target" property. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use-after-free
EUVDB-ID: #VU56180
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34846
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when traversing bookmark nodes in certain PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU56173
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34841
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use-after-free
EUVDB-ID: #VU56171
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34839
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU56170
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34838
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Use-after-free
EUVDB-ID: #VU56169
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34837
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU56168
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34836
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Use-after-free
EUVDB-ID: #VU56167
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34851
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use-after-free
EUVDB-ID: #VU56166
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34835
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU56165
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34834
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU56164
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34852
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Use-after-free
EUVDB-ID: #VU56163
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34847
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling certain Javascripts or annotation objects in PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Use-after-free
EUVDB-ID: #VU56162
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34832
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling certain Javascripts or annotation objects in PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Use-after-free
EUVDB-ID: #VU56161
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34831
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling certain Javascripts or annotation objects in PDF files. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Use-after-free
EUVDB-ID: #VU56179
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34853
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Use-after-free
EUVDB-ID: #VU56172
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34840
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Use-after-free
EUVDB-ID: #VU56178
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34845
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Use-after-free
EUVDB-ID: #VU56177
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34844
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Use-after-free
EUVDB-ID: #VU56176
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34843
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use-after-free
EUVDB-ID: #VU56175
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34842
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Use-after-free
EUVDB-ID: #VU56174
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-34833
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling the annotation objects in certain PDF files if the same Annotation dictionary is referenced in the page structures for different pages. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Out-of-bounds write
EUVDB-ID: #VU56181
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF file, trigger an out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 10.0.0.35798 - 11.0.0.49893
Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 11.0.1.0719
CPE2.3- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.0.35798:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.0.1.35811:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_reader_for_windows:10.1.0.37527:*:*:*:*:*:*:*
- cpe:2.3:a:foxit_software:foxit_phantompdf:11.0.1.0719:*:*:*:*:*:*:*
https://www.foxit.com/support/security-bulletins.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
