This script is Copyright (C) 2017 Tenable Network Security, Inc.
A PDF toolkit installed on the remote Windows host is affected by
According to its version, the Foxit PhantomPDF application (formerly
known as Phantom) installed on the remote Windows host is prior to
8.3.2. It is, therefore, affected by multiple vulnerabilities:
- A flaw exists in the app.launchURL() method allowing
a context-dependent attacker to potentially execute
arbitrary code. (CVE-2017-10951)
a context-dependent attacker to write to arbitrary
files and potentially execute arbitrary code.
- A flaw exists that is triggered during the handling of
createDataObject() function calls that may allow an
attacker to create arbitrary executable files on the
local system. (OSVDB164283)
- A flaw exists that is triggered during the handling of
xfa.host.gotoURL() function calls that may allow an
attacker to execute arbitrary commands. (OSVDB164284)
See also :
Upgrade to Foxit PhantomPDF version 8.3.2 or later.
Risk factor :
High / CVSS Base Score : 7.5
Public Exploit Available : true