CVE-2021-40326

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
cpe:2.3:a:foxit:phantompdf:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-29 05:15

Updated : 2024-02-28 19:29


NVD link : CVE-2021-40326

Mitre link : CVE-2021-40326

CVE.ORG link : CVE-2021-40326


JSON object : View

Products Affected

foxit

  • pdf_editor
  • phantompdf
  • pdf_reader

microsoft

  • windows
CWE
CWE-347

Improper Verification of Cryptographic Signature