This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
A PDF viewer installed on the remote host is affected by multiple
The version of Foxit Reader installed on the remote Windows host is
prior to 4.3.1.0218. It is, therefore, affected by multiple
- An integer overflow condition exists when parsing
certain ICC chunks. An attacker can exploit this, via
crafted ICC chunks in a PDF file, to cause a heap-based
buffer overflow, resulting in the execution of arbitrary
createDataObject() function. An attacker can exploit
this, via a crafted PDF file using a call to that
function, to create or overwrite arbitrary files.
See also :
Upgrade to Foxit Reader version 4.3.1.0218 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true