CVE-2020-35931

EUVD-2020-23514
An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subtype entry of the Annotation dictionary, in an incremental update.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
foxitsoftwarefoxit_reader
𝑥
< 10.1.1
foxitsoftwarephantompdf
𝑥
< 9.7.5
foxitsoftwarephantompdf
10.0.0 ≤
𝑥
< 10.1.1
foxitsoftwarefoxit_reader
𝑥
< 4.1.1
foxitsoftwarephantompdf
𝑥
< 4.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.foxitsoftware.com/support/security-bulletins.html
https://www.foxitsoftware.com/support/security-bulletins.html