PT-2021-5377 · Foxit · Foxit Reader +1

R0Fm1A +1 · Published 2021-08-13 · Updated 2024-05-08 · CVE-2021-34969

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Foxit PhantomPDF versions (affected versions not specified)
Foxit Reader versions (affected versions not specified)

Description

The issue is related to a buffer overflow when handling annotation objects, which can allow a remote attacker to execute arbitrary code using a specially crafted malicious PDF file. The vulnerability exists due to the lack of validation of an object's existence before performing operations on it. This can be leveraged by an attacker, in conjunction with other vulnerabilities, to disclose sensitive information on affected installations. User interaction is required, such as visiting a malicious page or opening a malicious file.

Recommendations

For Foxit PhantomPDF, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Foxit Reader, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2021-06212
CVE-2021-34969
ZDI-21-1200

Affected Products

Foxit PhantomPDF
Foxit Reader