PT-2021-22825 · Pdftron · Pdftron

Published

2021-12-23

Updated

2022-05-01

CVE-2021-40160

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PDFTron versions prior to 9.0.7

Description The issue allows PDFTron to read beyond allocated boundaries when parsing a maliciously crafted PDF file, potentially leading to the execution of arbitrary code.

Recommendations For versions prior to 9.0.7, update to version 9.0.7 or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2021-40160

ZDI-22-474

Affected Products

Pdftron

PT-2021-22825 · Pdftron · Pdftron

CVE-2021-40160

Weakness Enumeration

Related Identifiers

Affected Products

References · 4