This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
A PDF viewer installed on the remote host is affected by an arbitrary
code execution vulnerability.
The version of Foxit Reader installed on the remote Windows host is
prior to 6.1.4. It is, therefore, affected by a flaw in how
dynamic-link library (DLL) files are located and loaded, specifically
file imgseg.dll. The application uses a fixed path to search for this
file, and the path can include directories that may not be trusted or
under the user's control. A local attacker can exploit this issue, via
a crafted Trojan horse DLL file injected into the search path, to
execute arbitrary code with the user's privileges.
See also :
Upgrade to Foxit Reader version 6.1.4.0217 or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false