Foxit Reader < 7.2 Multiple RCE

critical Nessus Network Monitor Plugin ID 9458

Synopsis

The remote host has been observed running a version of Foxit Reader that is subject to multiple Remote Code Execution (RCE) attack vectors.

Description

Versions of Foxit Reader prior to 7.1 are affected by the following vulnerbilities :

- A flaw exists in 'ConvertToPDF.dll' that is triggered when handling 'tEXt' chunks in PNG images. With a specially crafted PNG image, a context-dependent attacker can potentially execute arbitrary code.
- A flaw exists that is triggered as user-supplied input is not properly validated when handling XFA forms. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code.
- A flaw exists that is triggered when handling color tables while converting GIF images to PDF files. With a specially crafted GIF image, a context-dependent attacker can corrupt heap memory and potentially execute arbitrary code.
- A flaw exists that is triggered when converting TIFF images to PDF files. With a specially crafted TIFF image, a context-dependent attacker can potentially execute arbitrary code.

Solution

Upgrade Foxit Reader to version 7.2 or later.

See Also

https://www.foxitsoftware.com/support/security-bulletins.php#FRD-29

https://www.foxitsoftware.com/support/security-bulletins.php#FRD-30

https://www.foxitsoftware.com/support/security-bulletins.php#FRD-31

https://www.foxitsoftware.com/support/security-bulletins.php#FRD-32

Plugin Details

Severity: Critical

ID: 9458

Family: CGI

Published: 8/5/2016

Updated: 3/6/2019

Vulnerability Information

CPE: cpe:/a:foxitsoftware:reader

Patch Publication Date: 7/29/2015

Vulnerability Publication Date: 7/27/2015