Foxit Reader < 7.2 Multiple Vulnerabilities

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

A PDF viewer installed on the remote host is affected by multiple
vulnerabilities.

Description :

The version of Foxit Reader installed on the remote Windows host is
prior to 7.2. It is, therefore, affected by multiple vulnerabilities :

- A memory overflow condition exists in the PDF creator
plugin (ConvertToPDF_x86.dll) when converting a PNG file
to a PDF file due to an error that occurs when copying a
memory block. An attacker can exploit this to execute
arbitrary code. (BID 76130)

- A memory corruption issue exists when opening certain
XFA forms. An attacker can exploit this to generate
files that crash the application. (BID 76132)

- A flaw exists in the PDF creaStor plugin
(ConvertToPDF_x86.dll) that is triggered when handling
'tEXt' chunks in PNG images. An attacker can exploit
this to execute arbitrary code. (VulnDB 125418)

- A heap corruption issue exists when processing malformed
color table data in a GIF file. An unauthenticated,
remote attacker can exploit this, via a crafted GIF
file, to execute arbitrary code. (VulnDB 126400)

- A flaw exists when converting a TIFF file to a PDF file
due to reading a VTABLE from an invalid location. An
unauthenticated, remote attacker can exploit this, via
a crafted TIFF image, to execute arbitrary code.
(VulnDB 126401)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-15-393/
http://www.zerodayinitiative.com/advisories/ZDI-15-395/
https://www.foxitsoftware.com/support/security-bulletins.php

Solution :

Upgrade to Foxit Reader version 7.2.0.722 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 86698 ()

Bugtraq ID: 76130
76132
76391

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now