Headline
CVE-2021-45979: CVE/CVE-2021-45979 at master · dlehgus1023/CVE
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via app.launchURL in the JavaScript API.
Foxit PDF Reader JavaScript API app.launchURL Command Injection Vulnerability (Remote Code Execution)
Product : Foxit PDF Reader macOS 11.0.1.0719
HOST OS : Windows 10 x64 (10.0.19041)
CVSS : 7.8 High (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Reference : Foxit Security Bulletins
Credit Information
- DoHyun Lee(@l33d0hyun)