ID CVE-2018-14299 Type cve Reporter cve@mitre.org Modified 2019-10-09T23:34:00
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Line annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6215.
{"id": "CVE-2018-14299", "bulletinFamily": "NVD", "title": "CVE-2018-14299", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Line annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6215.", "published": "2018-07-31T20:29:00", "modified": "2019-10-09T23:34:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14299", "reporter": "cve@mitre.org", "references": ["https://www.foxitsoftware.com/support/security-bulletins.php", "https://zerodayinitiative.com/advisories/ZDI-18-759"], "cvelist": ["CVE-2018-14299"], "type": "cve", "lastseen": "2020-12-09T20:25:35", "edition": 6, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "zdi", "idList": ["ZDI-18-759"]}, {"type": "kaspersky", "idList": ["KLA11314"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813263"]}], "modified": "2020-12-09T20:25:35", "rev": 2}, "score": {"value": 3.0, "vector": "NONE", "modified": "2020-12-09T20:25:35", "rev": 2}, "vulnersScore": 3.0}, "cpe": ["cpe:/a:foxitsoftware:foxit_reader:9.1.0.5096", "cpe:/a:foxitsoftware:phantompdf:9.1.0.5096"], "affectedSoftware": [{"cpeName": "foxitsoftware:foxit_reader", "name": "foxitsoftware foxit reader", "operator": "le", "version": "9.1.0.5096"}, {"cpeName": "foxitsoftware:phantompdf", "name": "foxitsoftware phantompdf", "operator": "le", "version": "9.1.0.5096"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:a:foxitsoftware:phantompdf:9.1.0.5096:*:*:*:*:*:*:*", "cpe:2.3:a:foxitsoftware:foxit_reader:9.1.0.5096:*:*:*:*:*:*:*"], "cwe": ["CWE-416"], "scheme": null, "affectedConfiguration": [{"cpeName": "microsoft:windows", "name": "microsoft windows", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:foxitsoftware:phantompdf:9.1.0.5096:*:*:*:*:*:*:*", "versionEndIncluding": "9.1.0.5096", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:foxitsoftware:foxit_reader:9.1.0.5096:*:*:*:*:*:*:*", "versionEndIncluding": "9.1.0.5096", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}]}}
{"zdi": [{"lastseen": "2020-06-22T11:41:32", "bulletinFamily": "info", "cvelist": ["CVE-2018-14299"], "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Line annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.", "edition": 1, "modified": "2018-06-22T00:00:00", "published": "2018-07-19T00:00:00", "id": "ZDI-18-759", "href": "https://www.zerodayinitiative.com/advisories/ZDI-18-759/", "title": "Foxit Reader Line Annotation leaderExtend Use-After-Free Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2020-09-02T11:54:57", "bulletinFamily": "info", "cvelist": ["CVE-2018-14302", "CVE-2018-14281", "CVE-2018-14283", "CVE-2018-11621", "CVE-2018-14264", "CVE-2018-14306", "CVE-2018-14276", "CVE-2018-14246", "CVE-2018-14272", "CVE-2018-14305", "CVE-2018-14290", "CVE-2018-14271", "CVE-2018-14243", "CVE-2018-14270", "CVE-2018-14241", "CVE-2018-14275", "CVE-2018-14304", "CVE-2018-14244", "CVE-2018-14258", "CVE-2018-14265", "CVE-2018-14253", "CVE-2018-14309", "CVE-2018-14291", "CVE-2018-14286", "CVE-2018-14257", "CVE-2018-14310", "CVE-2018-14254", "CVE-2018-14279", "CVE-2018-14262", "CVE-2018-14301", "CVE-2018-3939", "CVE-2018-14274", "CVE-2018-14285", "CVE-2018-14260", "CVE-2018-14278", "CVE-2018-14307", "CVE-2018-14293", "CVE-2018-14266", "CVE-2018-14315", "CVE-2018-14300", "CVE-2018-14294", "CVE-2018-14317", "CVE-2018-14312", "CVE-2018-14263", "CVE-2018-14297", "CVE-2018-14287", "CVE-2018-14242", "CVE-2018-14308", "CVE-2018-11617", "CVE-2018-14314", "CVE-2018-14249", "CVE-2018-14277", "CVE-2018-14261", "CVE-2018-14245", "CVE-2018-14273", "CVE-2018-14248", "CVE-2018-14316", "CVE-2018-14311", "CVE-2018-14295", "CVE-2018-14292", "CVE-2018-14267", "CVE-2018-14247", "CVE-2018-11622", "CVE-2018-14259", "CVE-2018-14313", "CVE-2018-14296", "CVE-2018-14255", "CVE-2018-14268", "CVE-2018-14288", "CVE-2018-14298", "CVE-2018-11620", "CVE-2018-11619", "CVE-2018-14256", "CVE-2018-14269", "CVE-2018-11618", "CVE-2018-14284", "CVE-2018-14299", "CVE-2018-14289", "CVE-2018-11623", "CVE-2018-3924", "CVE-2018-14280", "CVE-2018-14252", "CVE-2018-14303", "CVE-2018-14282", "CVE-2018-14251", "CVE-2018-14250"], "description": "### *Detect date*:\n07/19/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.\n\n### *Affected products*:\nFoxit Reader earlier than 9.2.0.9097 \nFoxit PhantomPDF earlier than 9.2.0.9097\n\n### *Solution*:\nUpdate to the latest version \n[Download Foxit Reader](<https://www.foxitsoftware.com/downloads/#Foxit-Reader>) \n[Download Foxit PhantomPDF](<https://www.foxitsoftware.com/downloads/#Foxit-PhantomPDF-Business>)\n\n### *Original advisories*:\n[Security updates available in Foxit Reader 9.2 and Foxit PhantomPDF 9.2](<https://www.foxitsoftware.com/support/security-bulletins.php>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Foxit Reader](<https://threats.kaspersky.com/en/product/Foxit-Reader/>)\n\n### *CVE-IDS*:\n[CVE-2018-11617](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11617>)6.8High \n[CVE-2018-11618](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11618>)6.8High \n[CVE-2018-11619](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11619>)6.8High \n[CVE-2018-11620](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11620>)4.3Warning \n[CVE-2018-11621](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11621>)4.3Warning \n[CVE-2018-11622](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11622>)6.8High \n[CVE-2018-11623](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11623>)6.8High \n[CVE-2018-14241](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14241>)6.8High \n[CVE-2018-14242](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14242>)6.8High \n[CVE-2018-14243](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14243>)6.8High \n[CVE-2018-14244](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14244>)6.8High \n[CVE-2018-14245](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14245>)6.8High \n[CVE-2018-14246](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14246>)6.8High \n[CVE-2018-14247](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14247>)6.8High \n[CVE-2018-14248](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14248>)6.8High \n[CVE-2018-14249](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14249>)6.8High \n[CVE-2018-14250](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14250>)6.8High \n[CVE-2018-14251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14251>)6.8High \n[CVE-2018-14252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14252>)6.8High \n[CVE-2018-14253](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14253>)6.8High \n[CVE-2018-14254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14254>)6.8High \n[CVE-2018-14255](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14255>)6.8High \n[CVE-2018-14256](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14256>)6.8High \n[CVE-2018-14257](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14257>)6.8High \n[CVE-2018-14258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14258>)6.8High \n[CVE-2018-14259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14259>)6.8High \n[CVE-2018-14260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14260>)6.8High \n[CVE-2018-14261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14261>)6.8High \n[CVE-2018-14262](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14262>)6.8High \n[CVE-2018-14263](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14263>)6.8High \n[CVE-2018-14264](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14264>)6.8High \n[CVE-2018-14265](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14265>)6.8High \n[CVE-2018-14266](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14266>)6.8High \n[CVE-2018-14267](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14267>)6.8High \n[CVE-2018-14268](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14268>)6.8High \n[CVE-2018-14269](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14269>)6.8High \n[CVE-2018-14270](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14270>)6.8High \n[CVE-2018-14271](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14271>)6.8High \n[CVE-2018-14272](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14272>)6.8High \n[CVE-2018-14273](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14273>)6.8High \n[CVE-2018-14274](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14274>)6.8High \n[CVE-2018-14275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14275>)6.8High \n[CVE-2018-14276](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14276>)6.8High \n[CVE-2018-14277](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14277>)6.8High \n[CVE-2018-14278](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14278>)6.8High \n[CVE-2018-14279](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14279>)6.8High \n[CVE-2018-14280](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14280>)6.8High \n[CVE-2018-14281](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14281>)6.8High \n[CVE-2018-14282](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14282>)6.8High \n[CVE-2018-14283](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14283>)6.8High \n[CVE-2018-14284](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14284>)6.8High \n[CVE-2018-14285](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14285>)6.8High \n[CVE-2018-14286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14286>)6.8High \n[CVE-2018-14287](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14287>)6.8High \n[CVE-2018-14288](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14288>)6.8High \n[CVE-2018-14289](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14289>)4.3Warning \n[CVE-2018-14290](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14290>)6.8High \n[CVE-2018-14291](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14291>)6.8High \n[CVE-2018-14292](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14292>)6.8High \n[CVE-2018-14293](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14293>)6.8High \n[CVE-2018-14294](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14294>)6.8High \n[CVE-2018-14295](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14295>)6.8High \n[CVE-2018-14296](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14296>)6.8High \n[CVE-2018-14297](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14297>)6.8High \n[CVE-2018-14298](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14298>)6.8High \n[CVE-2018-14299](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14299>)6.8High \n[CVE-2018-14300](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14300>)6.8High \n[CVE-2018-14301](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14301>)6.8High \n[CVE-2018-14302](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14302>)6.8High \n[CVE-2018-14303](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14303>)6.8High \n[CVE-2018-14304](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14304>)6.8High \n[CVE-2018-14305](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14305>)6.8High \n[CVE-2018-14306](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14306>)6.8High \n[CVE-2018-14307](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14307>)6.8High \n[CVE-2018-14308](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14308>)6.8High \n[CVE-2018-14309](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14309>)6.8High \n[CVE-2018-14310](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14310>)6.8High \n[CVE-2018-14311](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14311>)6.8High \n[CVE-2018-14312](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14312>)6.8High \n[CVE-2018-14313](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14313>)6.8High \n[CVE-2018-14314](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14314>)6.8High \n[CVE-2018-14315](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14315>)2.6Warning \n[CVE-2018-14316](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14316>)6.8High \n[CVE-2018-14317](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14317>)6.8High \n[CVE-2018-3924](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3924>)8.8Critical \n[CVE-2018-3939](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3939>)7.8Critical", "edition": 27, "modified": "2020-05-22T00:00:00", "published": "2018-07-19T00:00:00", "id": "KLA11314", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11314", "title": "\r KLA11314Multiple vulnerabilities in Foxit Reader ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-07-17T14:18:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-14302", "CVE-2018-14281", "CVE-2018-17619", "CVE-2018-14283", "CVE-2018-11621", "CVE-2018-14264", "CVE-2018-14306", "CVE-2018-14276", "CVE-2018-14246", "CVE-2018-14272", "CVE-2018-14305", "CVE-2018-14290", "CVE-2018-14271", "CVE-2018-14243", "CVE-2018-14270", "CVE-2018-14241", "CVE-2018-14275", "CVE-2018-14304", "CVE-2018-14244", "CVE-2018-14258", "CVE-2018-14265", "CVE-2018-17618", "CVE-2018-14253", "CVE-2018-14309", "CVE-2018-14291", "CVE-2018-14286", "CVE-2018-17621", "CVE-2018-14257", "CVE-2018-14310", "CVE-2018-14254", "CVE-2018-17622", "CVE-2018-14279", "CVE-2018-14262", "CVE-2018-14301", "CVE-2018-3939", "CVE-2018-14274", "CVE-2018-14285", "CVE-2018-14260", "CVE-2018-14278", "CVE-2018-14307", "CVE-2018-17615", "CVE-2018-14293", "CVE-2018-14266", "CVE-2018-14315", "CVE-2018-14300", "CVE-2018-14294", "CVE-2018-14317", "CVE-2018-14312", "CVE-2018-14263", "CVE-2018-14297", "CVE-2018-14287", "CVE-2018-14242", "CVE-2018-14308", "CVE-2018-11617", "CVE-2018-14314", "CVE-2018-14249", "CVE-2018-14277", "CVE-2018-14261", "CVE-2018-14245", "CVE-2018-14273", "CVE-2018-14248", "CVE-2018-14316", "CVE-2018-14311", "CVE-2018-14292", "CVE-2018-14267", "CVE-2018-14247", "CVE-2018-11622", "CVE-2018-17617", "CVE-2018-14259", "CVE-2018-14313", "CVE-2018-14255", "CVE-2018-14268", "CVE-2018-14288", "CVE-2018-14298", "CVE-2018-17616", "CVE-2018-11620", "CVE-2018-11619", "CVE-2018-14256", "CVE-2018-17620", "CVE-2018-14269", "CVE-2018-11618", "CVE-2018-14284", "CVE-2018-14299", "CVE-2018-14289", "CVE-2018-17624", "CVE-2018-11623", "CVE-2018-3924", "CVE-2018-14280", "CVE-2018-14252", "CVE-2018-14303", "CVE-2018-14282", "CVE-2018-14251", "CVE-2018-14250"], "description": "The host is installed with Foxit Reader and\n is prone to multiple code execution vulnerabilities.", "modified": "2019-07-05T00:00:00", "published": "2018-07-20T00:00:00", "id": "OPENVAS:1361412562310813263", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813263", "type": "openvas", "title": "Foxit Reader 'JavaScript' Remote Code Execution Vulnerabilities (Windows)", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# Foxit Reader 'JavaScript' Remote Code Execution Vulnerabilities (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation;\n# either version 2 of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:foxitsoftware:reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813263\");\n script_version(\"2019-07-05T10:16:38+0000\");\n script_cve_id(\"CVE-2018-11617\", \"CVE-2018-11618\", \"CVE-2018-11619\", \"CVE-2018-11620\",\n \"CVE-2018-11621\", \"CVE-2018-11622\", \"CVE-2018-11623\", \"CVE-2018-14241\",\n \"CVE-2018-14242\", \"CVE-2018-14243\", \"CVE-2018-14244\", \"CVE-2018-14245\",\n \"CVE-2018-14246\", \"CVE-2018-14247\", \"CVE-2018-14248\", \"CVE-2018-14249\",\n \"CVE-2018-14250\", \"CVE-2018-14251\", \"CVE-2018-14252\", \"CVE-2018-14253\",\n \"CVE-2018-14254\", \"CVE-2018-14255\", \"CVE-2018-14256\", \"CVE-2018-14257\",\n \"CVE-2018-14258\", \"CVE-2018-14259\", \"CVE-2018-14260\", \"CVE-2018-14261\",\n \"CVE-2018-14262\", \"CVE-2018-14263\", \"CVE-2018-14264\", \"CVE-2018-14265\",\n \"CVE-2018-14266\", \"CVE-2018-14267\", \"CVE-2018-14268\", \"CVE-2018-14269\",\n \"CVE-2018-14270\", \"CVE-2018-14271\", \"CVE-2018-14272\", \"CVE-2018-14273\",\n \"CVE-2018-14274\", \"CVE-2018-14275\", \"CVE-2018-14276\", \"CVE-2018-14277\",\n \"CVE-2018-14278\", \"CVE-2018-14279\", \"CVE-2018-14280\", \"CVE-2018-14281\",\n \"CVE-2018-14282\", \"CVE-2018-14283\", \"CVE-2018-14284\", \"CVE-2018-14285\",\n \"CVE-2018-14286\", \"CVE-2018-14287\", \"CVE-2018-14288\", \"CVE-2018-14289\",\n \"CVE-2018-14290\", \"CVE-2018-14291\", \"CVE-2018-14292\", \"CVE-2018-14293\",\n \"CVE-2018-14294\", \"CVE-2018-14297\", \"CVE-2018-14298\", \"CVE-2018-14299\",\n \"CVE-2018-14300\", \"CVE-2018-14301\", \"CVE-2018-14302\", \"CVE-2018-14303\",\n \"CVE-2018-14304\", \"CVE-2018-14305\", \"CVE-2018-14306\", \"CVE-2018-14307\",\n \"CVE-2018-14308\", \"CVE-2018-14309\", \"CVE-2018-14310\", \"CVE-2018-14311\",\n \"CVE-2018-14312\", \"CVE-2018-14313\", \"CVE-2018-14314\", \"CVE-2018-14315\",\n \"CVE-2018-14316\", \"CVE-2018-14317\", \"CVE-2018-3924\", \"CVE-2018-3939\",\n \"CVE-2018-17624\", \"CVE-2018-17622\", \"CVE-2018-17620\", \"CVE-2018-17621\",\n \"CVE-2018-17618\", \"CVE-2018-17619\", \"CVE-2018-17617\", \"CVE-2018-17615\",\n \"CVE-2018-17616\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:16:38 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-20 15:00:12 +0530 (Fri, 20 Jul 2018)\");\n script_name(\"Foxit Reader 'JavaScript' Remote Code Execution Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Foxit Reader and\n is prone to multiple code execution vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - The user-after-free vulnerability that exists in the JavaScript, When\n executing embedded JavaScript code a document can be cloned. which frees\n a lot of used objects, but the JavaScript can continue to execute.\n\n - The use-after-free vulnerability found in the Javascript engine that can\n result in remote code execution.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Foxit Reader versions before 9.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Foxit Reader version 9.2\n or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.foxitsoftware.com/support/security-bulletins.php#content-2018\");\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\");\n script_mandatory_keys(\"foxit/reader/ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\npdfVer = infos['version'];\npdfPath = infos['location'];\n\nif(version_is_less(version:pdfVer, test_version:\"9.2\"))\n{\n report = report_fixed_ver(installed_version:pdfVer, fixed_version:\"9.2\", install_path:pdfPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
