Foxit PhantomPDF < 8.3.8 Multiple Vulnerabilities

2018-11-30T00:00:00
ID FOXIT_PHANTOM_8_3_8.NASL
Type nessus
Reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2020-03-02T00:00:00

Description

According to its version, the Foxit PhantomPDF application (formally known as Phantom) installed on the remote Windows host is prior to 8.3.7. It is, therefore, affected by multiple arbitrary code execution and information disclosure vulnerabilities.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(119309);
  script_version("1.3");
  script_cvs_date("Date: 2019/11/01");

  script_cve_id(
    "CVE-2018-3940",
    "CVE-2018-3941",
    "CVE-2018-3942",
    "CVE-2018-3943",
    "CVE-2018-3944",
    "CVE-2018-3945",
    "CVE-2018-3946",
    "CVE-2018-3957",
    "CVE-2018-3958",
    "CVE-2018-3959",
    "CVE-2018-3960",
    "CVE-2018-3961",
    "CVE-2018-3962",
    "CVE-2018-3964",
    "CVE-2018-3965",
    "CVE-2018-3966",
    "CVE-2018-3967",
    "CVE-2018-3992",
    "CVE-2018-3993",
    "CVE-2018-3994",
    "CVE-2018-3995",
    "CVE-2018-3996",
    "CVE-2018-3997",
    "CVE-2018-16291",
    "CVE-2018-16292",
    "CVE-2018-16293",
    "CVE-2018-16294",
    "CVE-2018-16295",
    "CVE-2018-16296",
    "CVE-2018-16297",
    "CVE-2018-17781"
  );

  script_name(english:"Foxit PhantomPDF < 8.3.8 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of Foxit PhantomPDF.");

  script_set_attribute(attribute:"synopsis", value:
"A PDF toolkit installed on the remote Windows host is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version, the Foxit PhantomPDF application (formally
known as Phantom) installed on the remote Windows host is prior to
8.3.7. It is, therefore, affected by multiple arbitrary code execution
and information disclosure vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://www.foxitsoftware.com/support/security-bulletins.php");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Foxit PhantomPDF version 8.3.8 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"manual");
  script_set_attribute(attribute:"cvss_score_rationale", value:"Score based on analysis of the vendor advisory.");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:foxitsoftware:phantom");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:foxitsoftware:phantompdf");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("foxit_phantom_installed.nasl");
  script_require_keys("installed_sw/FoxitPhantomPDF");

  exit(0);
}

include('vcf.inc');

app = 'FoxitPhantomPDF';

app_info = vcf::get_app_info(app:app, win_local:TRUE);

constraints = [{
  'min_version' : '8.0',
  'max_version' : '8.3.7.38093',
  'fixed_version' : '8.3.8'
  }];


vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);