This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
A PDF viewer installed on the remote host is affected by an arbitrary
code execution vulnerability.
The version of Foxit Reader installed on the remote Windows host is
prior to 5.4.3. It is, therefore, affected by a flaw in how
dynamic-link library (DLL) files are located and loaded, specifically
file fxdecod1.dll. The application uses a fixed path to search for
this file, and the path can include directories that may not be
trusted or under the user's control. A local attacker can exploit this
issue, via a crafted Trojan horse DLL file injected into the search
path, to execute arbitrary code with the user's privileges.
See also :
Upgrade to Foxit Reader version 5.4.3 or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.7
Public Exploit Available : true