CVE-2021-38566

Published: Aug 11, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.

Affected (2)

Products: Foxitsoftware: Pdf Editor, Pdf Reader

Foxitsoftware

2 products

Pdf Editor

Pdf Reader

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Foxitsoftware Pdf Editor	Before 11.0.1
Foxitsoftware Pdf Reader	Before 11.0.1

Related CWEs

CWE-674

Uncontrolled Recursion

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

References (2)

https://www.foxitsoftware.com/support/security-bulletins.php

Source: cve@mitre.org

Vendor Advisory

https://www.foxitsoftware.com/support/security-bulletins.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.