Synopsis
The remote host has been observed running a version of Foxit Reader that is subject to multiple Remote Code Execution (RCE) attack vectors.
Description
Versions of Foxit Reader prior to 7.1 are affected by the following vulnerbilities :
- A flaw exists in 'ConvertToPDF.dll' that is triggered when handling 'tEXt' chunks in PNG images. With a specially crafted PNG image, a context-dependent attacker can potentially execute arbitrary code.
- A flaw exists that is triggered as user-supplied input is not properly validated when handling XFA forms. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
- A flaw exists that is triggered when handling color tables while converting GIF images to PDF files. With a specially crafted GIF image, a context-dependent attacker can corrupt heap memory and potentially execute arbitrary code.
- A flaw exists that is triggered when converting TIFF images to PDF files. With a specially crafted TIFF image, a context-dependent attacker can potentially execute arbitrary code.
Solution
Upgrade Foxit Reader to version 7.2 or later.