CVE-2021-40326 Foxit PDF Reader before 11.1 and PDF Editor before 11.1 can mishandle hidden and incremental data in signed documents.
PhantomPDF, Foxit PDF Reader and Foxit PDF Editor are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are vulnerable to an out-of-bounds write vulnerability. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are vulnerable to an out-of-bounds write vulnerability. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are vulnerable to an out-of-bounds write vulnerability. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are vulnerable to an out-of-bounds write vulnerability. An attacker can write to an arbitrary file, and display controlled contents, during signature verification. Foxit PDF Plugin before
Summary
Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are packed as a plugin for Firefox and Chrome. Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1 are vulnerable to an out-of-bounds write vulnerability. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
What is Foxit PDF?
Foxit is a company that provides security software for desktops, servers and mobile devices. Foxit provides tools for PDF document management, encryption and digital signature-based products.
Foxit offers the following products:
Foxit Reader - an open source PDF viewing application for Windows, Linux, Mac OS X, Android and iOS
Foxit Software - commercial software for viewing and editing PDF documents
Foxit SDK - allows developers to integrate their applications with Foxit’s technologies
Hi-Tech PDF Converter - converts between various formats of Portable Document Format (PDF) files
Document Security Converter - converts between various formats of Portable Document Format (PDF) files
Products Affected by CVE-2021-40326
The following products are affected by CVE-2021-40326:
Foxit PDF Plugin before 11.1 and Foxit PDF Editor before 11.1
Timeline
Published on: 08/29/2022 05:15:00 UTC
Last modified on: 09/02/2022 13:39:00 UTC