Lucene search
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.FOXIT_READER_10_0_1.NASLHistoryAug 04, 2020 - 12:00 a.m.
Foxit Reader < 10.0.1 Multiple Vulnerabilities
2020-08-0400:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.0.1. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(139316);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/09");
script_cve_id(
"CVE-2020-11493",
"CVE-2020-12247",
"CVE-2020-12248",
"CVE-2020-15637",
"CVE-2020-15638"
);
script_name(english:"Foxit Reader < 10.0.1 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities");
script_set_attribute(attribute:"description", value:
"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 10.0.1. It is,
therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.");
# https://www.foxitsoftware.com/support/security-bulletins.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a27a3e57");
script_set_attribute(attribute:"solution", value:
"Upgrade to Foxit Reader version 10.0.1 or later");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-15638");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-12248");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/07/31");
script_set_attribute(attribute:"patch_publication_date", value:"2020/07/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:foxitsoftware:foxit_reader");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("foxit_reader_installed.nasl");
script_require_keys("installed_sw/Foxit Reader");
exit(0);
}
include('vcf.inc');
var app_info = vcf::get_app_info(app:'Foxit Reader', win_local:TRUE);
var constraints = [
{ 'max_version' : '10.0.0.35798', 'fixed_version' : '10.0.1' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| foxitsoftware | foxit_reader | cpe:/a:foxitsoftware:foxit_reader |
References
Related
nessus
nessus
Foxit PhantomPDF < 9.7.3 Multiple Vulnerabilities
2020-09-11 00:00:00
Foxit PhantomPDF < 10.0.1 Multiple Vulnerabilities
2020-08-04 00:00:00
kaspersky
kaspersky
KLA11922 Multiple vulnerabilities in Foxit Reader
2020-07-31 00:00:00
cve
cve
prion
prion
Out-of-bounds
2020-09-04 04:15:00
Design/Logic Flaw
2020-08-20 01:17:00
Type confusion
2020-08-20 01:17:00
zdi
zdi
srcincite
srcincite
githubexploit
githubexploit
Related for FOXIT_READER_10_0_1.NASL