Vulnerabilities > CVE-2021-38567 - NULL Pointer Dereference vulnerability in multiple products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

foxitsoftware

foxit

CWE-476

NVD

Published: 2021-08-11

Updated: 2023-08-08

Summary

An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Reader before 11.0.1 on macOS. It mishandles missing dictionary entries, leading to a NULL pointer dereference, aka CNVD-C-2021-95204.

Vulnerable Configurations

Part	Description	Count
Application	Foxitsoftware Foxitsoftware PDF Editor *	1
Application	Foxit Foxit PDF Reader - Foxit PDF Reader 8.3.2.25013 Foxit PDF Reader 9.0.1.1049 Foxit PDF Reader 10.1.3.37598 Foxit PDF Reader 10.1.4.37651	5

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://www.foxitsoftware.com/support/security-bulletins.php