vulnerability

Foxit Reader: Use After Free (CVE-2021-41784)

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Aug 29, 2022

Added

Apr 20, 2023

Modified

Apr 7, 2026

Description

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Solution

foxit-reader-upgrade-11_1

References

CVE-2021-41784
https://attackerkb.com/topics/CVE-2021-41784
CWE-416
EUVD-EUVD-2021-28792
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-28792
https://www.foxit.com/support/security-bulletins.html

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report