PT-2021-19357 · Foxit · Foxit Phantompdf

Cece

Published

2021-05-26

Updated

2021-06-24

CVE-2021-31476

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Foxit PhantomPDF version 10.1.3.37598

Description This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the handling of XFA templates due to the lack of proper validation of user-supplied data, resulting in a type confusion condition. An attacker can leverage this to execute code in the context of the current process.

Recommendations For Foxit PhantomPDF version 10.1.3.37598, consider disabling the handling of XFA templates as a temporary workaround until a patch is available. Restrict access to potentially malicious pages or files to minimize the risk of exploitation.

Fix

RCE

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

CVE-2021-31476

ZDI-21-614

Affected Products

Foxit Phantompdf

PT-2021-19357 · Foxit · Foxit Phantompdf

CVE-2021-31476

Weakness Enumeration

Related Identifiers

Affected Products

References · 6