CVE-2011-10030

HIGH

Foxit PDF Reader < 4.3.1.0218 - Code Injection

Title source: llm

Description

Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code execution the next time the system boots or the user logs in.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/16978

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by bannedit, Chris Evans · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb

View Code ZIP pw:eip

References (6)

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb

[Various Sources] http://scarybeastsecurity.blogspot.com/2011/03/dangerous-file-write-bug-in-foxit-pdf.html

[Various Sources] https://www.foxit.com/pdf-reader/version-history.html

[Various Sources] https://scarybeastsecurity.blogspot.com/2011/03/dangerous-file-write-bug-in-foxit-pdf.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/16978

[Third Party Advisory] https://www.vulncheck.com/advisories/foxit-pdf-reader-javascript-file-write

Scores

CVSS v4 8.4

EPSS 0.0303

EPSS Percentile 86.7%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-73

Status published

Products (1)

Foxit Software/Foxit PDF Reader < 4.3.1.0218

Published Aug 20, 2025

Tracked Since Feb 18, 2026