Vulnerabilities > CVE-2021-21822 - Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.3.37598
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the browser plugin extension is enabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |