CVE-2021-40326

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-347
View all →

Vulnerability Description

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.

Related Vulnerabilities

CVE-2018-10407

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary...

CWE-3472018

CVE-2020-1464

MEDIUM
CVSS:5.5(Medium)

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed ...

CWE-3472020

CVE-2020-16922

MEDIUM
CVSS:5.5(Medium)

<p>A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly sign...

CWE-3472020

CVE-2020-8324

MEDIUM
CVSS:5.5(Medium)

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed.

CWE-3472020

CVE-2020-9226

MEDIUM
CVSS:5.5(Medium)

HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an atta...

CWE-3472020

CVE-2021-0152

MEDIUM
CVSS:5.5(Medium)

Improper verification of cryptographic signature in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products in Windows 10 may allow an authenticated user to potentia...

CWE-3472021