Vulnerability Description
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxit | Pdf Editor | < 11.1 |
| Foxit | Pdf Reader | < 11.1 |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- https://github.com/dlehgus1023Third Party Advisory
- https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45979Third Party Advisory
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
- https://github.com/dlehgus1023Third Party Advisory
- https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-45979Third Party Advisory
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2021-45979?
CVE-2021-45979 is a vulnerability with a CVSS score of 7.8 (HIGH). Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.
How severe is CVE-2021-45979?
CVE-2021-45979 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-45979?
Check the references section above for vendor advisories and patch information. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader, Apple Macos.