Foxit PDF reader  - Foxit PDF reader - Foxit PDF Reader – Multiple Arbitrary Code Execution Vulnerability

Multiple vulnerabilities reported in the Foxit reader allows an attacker to execute the arbitrary on the user’s system and obtain sensitive information. The affects all the versions of Foxit Reader and Foxit PhantomPDF.

Foxit is the most popular for creating, editing and viewing PDF documents. researchers from Talos, Response, Trend Micro’s Zero Day Initiative Foxit PDF Reader vulnerabilities.

CVE-2017-1448 – use-after-free Vulnerability that resides in JavaScript engine of Foxit PDF Reader, attackers could trigger this vulnerability with a specially crafted PDF document.

CVE-2017-17557 – Heap Buffer Overflow Remote Code Execution vulnerability that may crash the application.

CVE-2018-3842 – Uninitialized pointer vulnerability in the Javascript engine of Foxit PDF Reader that could result in remote code execution.

CVE-2018-3843 – Type confusion vulnerability in the way Foxit reader handles the files with associated extensions.

CVE-2018-3850 – the use-after-free vulnerability that resulting in sensitive memory disclosure or, potentially, arbitrary code execution.

CVE-2018-3853 – use-after-free vulnerability with javascript engine that lies in combinations of the ‘createTemplate’ and ‘closeDoc’ methods.

Also Read Creating and Analyzing a Malicious PDF File with PDF-Parser Tool

Assaf Baharav of Threat Response Research Team Addressed a potential issue where the application could be exposed to Remote Code Execution by abusing GoToE & GoToR Actions.

Ye Yint Min Thu htut Addressed a potential issue where the application could be exposed to Unsafe DLL Loading vulnerability that could be exploited by attackers to execute remote code.

Mitigations – Foxit PDF Reader

Foxit team released an update Foxit Reader and Foxit PhantomPDF. Users are highly recommended to update with new version 9.1 of Foxit Reader and Foxit PhantomPDF.

Source link


Please enter your comment!
Please enter your name here