Kaspersky LabKLA11031KLA11031 Multiple vulnerabilities in Foxit Reader
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.13 Low
EPSS
Percentile
95.6%
Multiple serious vulnerabilities have been found in Foxit Reader and Foxit Phantom PDF. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitary code.
Below is a complete list of vulnerabilities:
- Multiple vulnerabilities related to an improper parsing of PDF files can be exploited remotely by convincing a user to visit a malicious web page and open a specially designed file to obtain sensitive information;
- An improper parsing of fonts in PDF files can be exploited remotely by convincing a user to visit a malicious web page and open a specially designed file to obtain sensitive information;
- A use-after-free vulnerability in the setItem function can be exploited remotely to execute arbitrary code;
- A use-after-free vulnerability in the print function can be exploited remotely to execute arbitrary code;
- A use-after-free vulnerability in the app.execMenuItem function can be exploited remotely to execute arbitrary code;
Technical details
Vulnerabilities described above exist because user-supplied data is not property validated. Sometimes it can result in an out-of-bounds read. In conjuction with other vulnerabilities, remote code execution in the context of current process is also possible.
Original advisories
Foxit Reader Security Bulletins
Related products
CVE list
CVE-2017-8455 high
CVE-2017-8454 high
CVE-2017-8453 high
CVE-2017-10946 high
CVE-2017-10947 high
CVE-2017-10948 high
Solution
Update to the latest versions
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Affected Products
- Foxit Reader before 8.2.1.6871
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.13 Low
EPSS
Percentile
95.6%