Arbitrary Code Execution Vulnerability in PDFTron Prior to 9.0.7

Arbitrary Code Execution Vulnerability in PDFTron Prior to 9.0.7

CVE-2021-40160 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.