Use-After-Free Vulnerability in Foxit PDF Reader, PDF Editor, and PhantomPDF

Use-After-Free Vulnerability in Foxit PDF Reader, PDF Editor, and PhantomPDF

CVE-2021-41782 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Learn more about our Web Application Penetration Testing UK.