Vulnerability-Lookup

CNVD-2021-100581

Vulnerability from cnvd - Published: 2021-12-17

Title

Foxit PDF Editor远程代码执行漏洞

Description

Foxit PDF Editor是中国福昕（Foxit）公司的一款PDF编辑器。 Foxit PDF Editor存在安全漏洞，该漏洞源于产品对Annotation对象进行操作之前没有验证对象的存在性。攻击者诱导用户打开恶意文件或恶意页面后可通过该漏洞导致恶意代码执行。

Severity

高

Patch Name

Foxit PDF Editor远程代码执行漏洞的补丁

Patch Description

Foxit PDF Editor是中国福昕（Foxit）公司的一款PDF编辑器。 Foxit PDF Editor存在安全漏洞，该漏洞源于产品对Annotation对象进行操作之前没有验证对象的存在性。攻击者诱导用户打开恶意文件或恶意页面后可通过该漏洞导致恶意代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.foxit.com/support/security-bulletins.html

Reference

https://www.zerodayinitiative.com/advisories/ZDI-21-1185/

Impacted products

Name
Foxit PDF Editor

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-34954"
    }
  },
  "description": "Foxit PDF Editor\u662f\u4e2d\u56fd\u798f\u6615\uff08Foxit\uff09\u516c\u53f8\u7684\u4e00\u6b3ePDF\u7f16\u8f91\u5668\u3002\n\nFoxit PDF Editor\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4ea7\u54c1\u5bf9Annotation\u5bf9\u8c61\u8fdb\u884c\u64cd\u4f5c\u4e4b\u524d\u6ca1\u6709\u9a8c\u8bc1\u5bf9\u8c61\u7684\u5b58\u5728\u6027\u3002\u653b\u51fb\u8005\u8bf1\u5bfc\u7528\u6237\u6253\u5f00\u6076\u610f\u6587\u4ef6\u6216\u6076\u610f\u9875\u9762\u540e\u53ef\u901a\u8fc7\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u6076\u610f\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.foxit.com/support/security-bulletins.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-100581",
  "openTime": "2021-12-17",
  "patchDescription": "Foxit PDF Editor\u662f\u4e2d\u56fd\u798f\u6615\uff08Foxit\uff09\u516c\u53f8\u7684\u4e00\u6b3ePDF\u7f16\u8f91\u5668\u3002\r\n\r\nFoxit PDF Editor\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4ea7\u54c1\u5bf9Annotation\u5bf9\u8c61\u8fdb\u884c\u64cd\u4f5c\u4e4b\u524d\u6ca1\u6709\u9a8c\u8bc1\u5bf9\u8c61\u7684\u5b58\u5728\u6027\u3002\u653b\u51fb\u8005\u8bf1\u5bfc\u7528\u6237\u6253\u5f00\u6076\u610f\u6587\u4ef6\u6216\u6076\u610f\u9875\u9762\u540e\u53ef\u901a\u8fc7\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u6076\u610f\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Foxit PDF Editor\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Foxit PDF Editor"
  },
  "referenceLink": "https://www.zerodayinitiative.com/advisories/ZDI-21-1185/",
  "serverity": "\u9ad8",
  "submitTime": "2021-10-19",
  "title": "Foxit PDF Editor\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2021-34954 (GCVE-0-2021-34954)

Vulnerability from cvelistv5 – Published: 2024-05-07 22:54 – Updated: 2024-08-04 00:26

Title

Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability

Summary

Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14355.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://www.foxit.com/support/security-bulletins.html	vendor-advisory

Impacted products

	Vendor	Product	Version
	Foxit	PDF Editor	Affected: 11.0.0.49893

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:foxit:pdf_editor:11.0.0.49893:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pdf_editor",
            "vendor": "foxit",
            "versions": [
              {
                "status": "affected",
                "version": "11.0.0.49893"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34954",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-08T15:28:14.460349Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:12:52.138Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:26:55.657Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-21-1185",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1185/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.foxit.com/support/security-bulletins.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "PDF Editor",
          "vendor": "Foxit",
          "versions": [
            {
              "status": "affected",
              "version": "11.0.0.49893"
            }
          ]
        }
      ],
      "dateAssigned": "2021-06-30T08:56:51.645-05:00",
      "datePublic": "2021-10-15T07:32:54.111-05:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14355."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-07T22:54:29.122Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-21-1185",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1185/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.foxit.com/support/security-bulletins.html"
        }
      ],
      "source": {
        "lang": "en",
        "value": "cor3sm4sh3r working with Volon Cyber Security Pvt Ltd"
      },
      "title": "Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2021-34954",
    "datePublished": "2024-05-07T22:54:29.122Z",
    "dateReserved": "2021-06-17T19:27:05.650Z",
    "dateUpdated": "2024-08-04T00:26:55.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-100581

CVE-2021-34954 (GCVE-0-2021-34954)

Tags

Sightings

Nomenclature