CVE-2021-38569
HIGHFoxit Reader & PhantomPDF <10.1.4 - Memory Corruption
Title source: llmDescription
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.foxitsoftware.com/support/security-bulletins.php
Scores
CVSS v3
7.5
EPSS
0.0096
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-674
Status
published
Products (2)
foxitsoftware/foxit_reader
< 10.1.4
foxitsoftware/phantompdf
< 10.1.4
Published
Aug 11, 2021
Tracked Since
Feb 18, 2026