Foxit PhantomPDF < 7.2 Multiple Vulnerabilities

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

A PDF toolkit installed on the remote Windows host is affected by
multiple vulnerabilities.

Description :

According to its version, the Foxit PhantomPDF application (formerly
known as Phantom) installed on the remote Windows host is affected by
multiple vulnerabilities :

- A memory overflow condition exists in the PDF creator
plugin (ConvertToPDF_x86.dll) when converting a PNG file
to a PDF file due to an error that occurs when copying a
memory block. An attacker can exploit this to execute
arbitrary code. (BID 76130)

- A memory corruption issue exists when opening certain
XFA forms. An attacker can exploit this to generate
files that crash the application. (BID 76132)

- A heap corruption issue exists when processing malformed
color table data in a GIF file. An unauthenticated,
remote attacker can exploit this by using a crafted GIF
file to execute arbitrary code. (VulnDB 126400)

- A flaw exists when converting a TIFF file to a PDF file
due to reading a VTABLE from an invalid location. An
unauthenticated, remote attacker can exploit this by
using a crafted TIFF image to execute arbitrary code.
(VulnDB 126401)

See also :

https://www.foxitsoftware.com/support/security_bulletins.php

Solution :

Upgrade to Foxit PhantomPDF version 7.2.0722 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 86697

Bugtraq ID: 76130
76132
76391

CVE ID:
