Detections
Analytics
Foxit Reader < 7.2 Multiple RCE
critical Nessus Network Monitor Plugin ID 9458
Synopsis
The remote host has been observed running a version of Foxit Reader that is subject to multiple Remote Code Execution (RCE) attack vectors.Description
Versions of Foxit Reader prior to 7.1 are affected by the following vulnerbilities :- A flaw exists in 'ConvertToPDF.dll' that is triggered when handling 'tEXt' chunks in PNG images. With a specially crafted PNG image, a context-dependent attacker can potentially execute arbitrary code.
- A flaw exists that is triggered as user-supplied input is not properly validated when handling XFA forms. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
- A flaw exists that is triggered when handling color tables while converting GIF images to PDF files. With a specially crafted GIF image, a context-dependent attacker can corrupt heap memory and potentially execute arbitrary code.
- A flaw exists that is triggered when converting TIFF images to PDF files. With a specially crafted TIFF image, a context-dependent attacker can potentially execute arbitrary code.
Solution
Upgrade Foxit Reader to version 7.2 or later.See Also
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-29
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-30
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-31
https://www.foxitsoftware.com/support/security-bulletins.php#FRD-32
Plugin Details
Severity: Critical
ID: 9458
Family: CGI
Published: 8/5/2016
Updated: 3/6/2019
Risk Information
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:foxitsoftware:reader
Patch Publication Date: 7/29/2015
Vulnerability Publication Date: 7/27/2015