Foxit Reader browseForDoc Out-Of-Bounds Write Remote Code Execution Vulnerability ZDI-21-561 ZDI-CAN-13523 Key Information CVE ID: CVE-2021-31473 CVSS Score: 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) Affected Vendor: Foxit Affected Product: Foxit Reader Vulnerability Details Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability, typically by visiting a malicious page or opening a malicious file. Flaw: The issue stems from a lack of proper validation of user-supplied data within the browseForDoc function, leading to a write past the end of an allocated data structure. Attackers can exploit this to execute code in the context of the current process. Additional Details Fix: Foxit has released an update to address this vulnerability. More details can be found at: https://www.foxitsoftware.com/support/security-bulletins.php Disclosure Timeline 2021-04-22: Vulnerability reported to vendor 2021-05-11: Public release of advisory Credit Anonymous