CVE-2021-21822

Description

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening a malicious file to trigger this vulnerability; if the browser plugin extension is enabled, visiting a malicious site can also trigger it.

Risk Information

Base Score: 8.8 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 19.8

Associated Vulnerability

Vulnerability | OS Platform
Vulnerabilities CVE-2021-21822 are fixed in Foxit Reader (ML) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit Reader (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit Reader Enterprise (ML) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit Reader Enterprise (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit PhantomPDF 10 (ML) (EXE) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit PhantomPDF 10 (ML) (MSI) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit PhantomPDF 10 (EXE) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are fixed in Foxit PhantomPDF 10 (MSI) (10.1.4.37651) | Windows
Vulnerabilities CVE-2021-21822 are affected in Foxit Reader 10.1.3.37598 | Windows
Vulnerabilities CVE-2021-21822 are affected in Foxit Reader Enterprise 10.1.3.37598 | Windows
Multiple vulnerabilities are fixed in Foxit PDF Editor 11 (EXE) (11.0.1.49938) | Windows
Multiple vulnerabilities are fixed in Foxit PDF Editor 11 (MSI) (11.0.1.49938) | Windows
Multiple Vulnerabilities are affected in Foxit Reader Enterprise 10.1.3.37598 | Windows
Multiple vulnerabilities are fixed in Foxit Reader (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit Reader (ML) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit Reader Enterprise (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit Reader Enterprise (ML) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit PhantomPDF 10 (EXE) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit PhantomPDF 10 (MSI) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit PhantomPDF 10 (ML) (EXE) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit PhantomPDF 10 (ML) (MSI) (10.1.4.37651) | Windows
Multiple vulnerabilities are fixed in Foxit PDF Editor 11 (ML) (EXE) (11.0.1.49938) | Windows
Multiple vulnerabilities are fixed in Foxit PDF Editor 11 (ML) (MSI) (11.0.1.49938) | Windows

Patch Details

Patches provided by ManageEngine for this CVE:

Patch ID | Patch Description
PATCH-319471 | Foxit Reader (ML) (10.1.4.37651)
PATCH-319470 | Foxit Reader (10.1.4.37651)
PATCH-319473 | Foxit Reader Enterprise (ML) (10.1.4.37651)
PATCH-319472 | Foxit Reader Enterprise (10.1.4.37651)
PATCH-319467 | Foxit PhantomPDF 10 (ML) (EXE) (10.1.4.37651)
PATCH-319468 | Foxit PhantomPDF 10 (ML) (MSI) (10.1.4.37651)
PATCH-319466 | Foxit PhantomPDF 10 (EXE) (10.1.4.37651)
PATCH-319469 | Foxit PhantomPDF 10 (MSI) (10.1.4.37651)
PATCH-341796 | Foxit Reader (2024.3.0.26795)
PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise)
PATCH-343981 | Foxit PDF Editor 11 (EXE) (11.2.12.54161)
PATCH-321157 | Foxit PDF Editor 11 (MSI) (11.0.1.49938)
PATCH-336614 | Foxit Reader Enterprise (2024.1.0.23997)
PATCH-347386 | Foxit Reader (2025.1.0.27937)
PATCH-351917 | Foxit Reader (ML) (2025.2.1.33197)
PATCH-347385 | Foxit PDF Reader (MSI) (2025.1.0.27937)
PATCH-351864 | Foxit PDF Reader (ML) (MSI) (2025.2.0.33046)
PATCH-331212 | Foxit PhantomPDF 10 (EXE) (10.1.12.37872)
PATCH-331215 | Foxit PhantomPDF 10 (MSI) (10.1.12.37872)
PATCH-331213 | Foxit PhantomPDF 10 (ML) (EXE) (10.1.12.37872)
PATCH-331214 | Foxit PhantomPDF 10 (ML) (MSI) (10.1.12.37872)
PATCH-343982 | Foxit PDF Editor 11 (ML) (EXE) (11.2.12.54161)
PATCH-343983 | Foxit PDF Editor 11 (ML) (MSI) (11.2.12.54161)
