How to Buy
This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
A PDF viewer installed on the remote host is affected by an arbitrary
code execution vulnerability.
The version of Foxit Reader installed on the remote Windows host is
prior to 6.1.4. It is, therefore, affected by a flaw in how
dynamic-link library (DLL) files are located and loaded, specifically
file imgseg.dll. The application uses a fixed path to search for this
file, and the path can include directories that may not be trusted or
under the user's control. A local attacker can exploit this issue, via
a crafted Trojan horse DLL file injected into the search path, to
execute arbitrary code with the user's privileges.
See also :
Upgrade to Foxit Reader version 6.1.4.0217 or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : false
Nessus Plugin ID: 72723 ()
Bugtraq ID: 65697
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.