Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Foxit Reader < 7.2 Multiple RCE

High

Synopsis

The remote host has been observed running a version of Foxit Reader that is subject to multiple Remote Code Execution (RCE) attack vectors.

Description

Versions of Foxit Reader prior to 7.1 are affected by the following vulnerbilities :

- A flaw exists in 'ConvertToPDF.dll' that is triggered when handling 'tEXt' chunks in PNG images. With a specially crafted PNG image, a context-dependent attacker can potentially execute arbitrary code. (OSVDB 125418) - A flaw exists that is triggered as user-supplied input is not properly validated when handling XFA forms. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (OSVDB 125559) - A flaw exists that is triggered when handling color tables while converting GIF images to PDF files. With a specially crafted GIF image, a context-dependent attacker can corrupt heap memory and potentially execute arbitrary code. (OSVDB 126400) - A flaw exists that is triggered when converting TIFF images to PDF files. With a specially crafted TIFF image, a context-dependent attacker can potentially execute arbitrary code. (OSVDB 126401)

Solution

Upgrade Foxit Reader to version 7.2 or later.