CVE-2021-34280

HIGH

Polaris Office v9.103.83.44230 - Remote Code Execution via Crafted PDF File

Title source: llm

Description

Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer Vulnerability in PolarisOffice.exe and EngineDLL.dll that may cause a Remote Code Execution. To exploit the vulnerability, someone must open a crafted PDF file.

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://github.com/dlehgus1023/CVE/tree/master/CVE-2021-34280

Scores

CVSS v3 7.8

EPSS 0.0131

EPSS Percentile 66.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-824

Status published

Products (1)

polarisoffice/polaris_office 9.103.83.44230

Published Jun 08, 2021

Tracked Since Feb 18, 2026