Vulnerability Description
Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxit | Pdf Editor | >= 11.0, < 11.1 |
| Foxit | Pdf Reader | >= 11.0, < 11.1 |
| Foxit | Phantompdf | < 10.1.6 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2021-41780?
CVE-2021-41780 is a vulnerability with a CVSS score of 7.8 (HIGH). Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.
How severe is CVE-2021-41780?
CVE-2021-41780 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-41780?
Check the references section above for vendor advisories and patch information. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader, Foxit Phantompdf, Microsoft Windows.