Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Foxit Reader < 7.2.2 Multiple Vulnerabilities

High

Synopsis

The remote host has been observed running a version of Foxit Reader that is subject to multiple attack vectors.

Description

Versions of Foxit Reader prior to 7.2.2 are affected by the following vulnerbilities :

- An overflow condition exists that is triggered as user-supplied input is not properly validated when handling secured PDF files. This may allow a context-dependent attacker to cause a heap-based buffer overflow, potentially allowing the execution of arbitrary code. (OSVDB 128638) - A palette index overflow issue exists that is triggered when handling incorrect GIF data in a crafted PDF file that is being debugged by 'GFlags.exe'. This may allow a context-dependent attacker to cause the program to crash or potentially execute arbitrary code. (OSVDB 128639) - A flaw exists in 'FGLags.exe' that is triggered when handling inline images during the debugging of a crafted PDF file. This may allow a context-dependent attacker to execute arbitrary code. (OSVDB 128640) - An out-of-bounds access flaw exists that is triggered when handling incorrect JPEG data in XFA forms. This may allow a context-dependent attacker to potentially execute arbitrary code. (OSVDB 128641) - A flaw exists in the 'CloseDocument()' function that is triggered when handling a specially crafted PDF file. This may allow a context-dependent attacker to crash the application or potentially execute arbitrary code. (OSVDB 128642) - A use-after-free condition exists that is triggered when handling the App object in a PDF file being saved. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (OSVDB 128643) - A use-after-free error exists in the 'print()' function. The issue is triggered when handling app references after closing a document. This may allow a context-dependent attacker to dereference already freed memory and potentially execute arbitrary code. (OSVDB 128644) - A flaw exists that is triggered during the handling of PDF files that contain recursive structure or recursive length definition in Stream objects. This may allow a context-dependent attacker to crash the application or potentially execute arbitrary code. (OSVDB 128645) - A flaw exists in the Cloud Update service. The issue is triggered as user-supplied input is not properly validated when writing data to a shared memory region. This may allow a local attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code. (OSVDB 129292) - An unspecified flaw exists that may allow an attacker to execute arbitrary code. No further details have been provided. (OSVDB 129490)

Solution

Upgrade Foxit Reader to version 7.2.2 or later.