An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated.
References
Link | Resource |
---|---|
https://www.foxitsoftware.com/support/security-bulletins.php | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2021-08-11 15:15
Updated : 2021-08-12 13:58
NVD link : CVE-2021-38573
Mitre link : CVE-2021-38573
JSON object : View
CWE
Products Affected
foxitsoftware
- foxit_reader
- phantompdf