Vulnerability Description
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.
CVSS Score
5.5
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxitsoftware | Foxit Reader | < 10.1.4 |
| Foxitsoftware | Phantompdf | < 10.1.4 |
Related Weaknesses (CWE)
References
- https://www.foxitsoftware.com/support/security-bulletins.htmlVendor Advisory
- https://www.foxitsoftware.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2021-33795?
CVE-2021-33795 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled.
How severe is CVE-2021-33795?
CVE-2021-33795 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-33795?
Check the references section above for vendor advisories and patch information. Affected products include: Foxitsoftware Foxit Reader, Foxitsoftware Phantompdf.