CVE-2021-34280
HIGHPolarisoffice Polaris Office - Remote Code Execution
Title source: ruleDescription
Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer Vulnerability in PolarisOffice.exe and EngineDLL.dll that may cause a Remote Code Execution. To exploit the vulnerability, someone must open a crafted PDF file.
Scores
CVSS v3
7.8
EPSS
0.0068
EPSS Percentile
71.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-824
Status
published
Products (1)
polarisoffice/polaris_office
9.103.83.44230
Published
Jun 08, 2021
Tracked Since
Feb 18, 2026