Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.FOXIT_READER_9_7_2.NASL
HistoryApr 21, 2020 - 12:00 a.m.

Foxit Reader < 9.7.2 Multiple Vulnerabilities

2020-04-2100:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.7.2. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(135849);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/09");

  script_cve_id("CVE-2020-9592", "CVE-2020-9596");
  script_xref(name:"ZDI", value:"ZDI-CAN-9828");
  script_xref(name:"ZDI", value:"ZDI-CAN-9829");
  script_xref(name:"ZDI", value:"ZDI-CAN-9830");
  script_xref(name:"ZDI", value:"ZDI-CAN-9831");
  script_xref(name:"ZDI", value:"ZDI-CAN-9865");
  script_xref(name:"ZDI", value:"ZDI-CAN-9942");
  script_xref(name:"ZDI", value:"ZDI-CAN-9943");
  script_xref(name:"ZDI", value:"ZDI-CAN-9944");
  script_xref(name:"ZDI", value:"ZDI-CAN-9945");
  script_xref(name:"ZDI", value:"ZDI-CAN-9946");
  script_xref(name:"ZDI", value:"ZDI-CAN-10132");
  script_xref(name:"ZDI", value:"ZDI-CAN-10142");
  script_xref(name:"ZDI", value:"ZDI-CAN-10614");
  script_xref(name:"ZDI", value:"ZDI-CAN-10650");

  script_name(english:"Foxit Reader < 9.7.2 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"A PDF viewer installed on the remote Windows host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.7.2. It is,
therefore affected by  multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.");
  # https://www.foxitsoftware.com/support/security-bulletins.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a27a3e57");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Foxit Reader version 9.7.2 or later");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"manual");
  script_set_attribute(attribute:"cvss_score_rationale", value:"Score based on in depth analysis of the vendor advisory by Tenable.");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:foxitsoftware:foxit_reader");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("foxit_reader_installed.nasl");
  script_require_keys("installed_sw/Foxit Reader");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'Foxit Reader', win_local:TRUE);

var constraints = [
  { 'max_version' : '9.7.1.29511', 'fixed_version' : '9.7.2' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE
);
VendorProductVersionCPE
foxitsoftwarefoxit_readercpe:/a:foxitsoftware:foxit_reader

Related

nessus 8
kaspersky 2
checkpoint_advisories 2
prion 2
cve 2
thn 1
adobe 1
openvas 12
threatpost 1
nessus
nessus
Foxit PhantomPDF for Mac < 4.0 Multiple Vulnerabilities
2023-10-09 00:00:00
Foxit PhantomPDF < 9.7.2 Multiple Vulnerabilities
2020-04-21 00:00:00
Foxit Reader < 4.0 Privilege Escalation (macOS)
2020-08-05 00:00:00
kaspersky
kaspersky
KLA11918 Security vulnerabilities in Foxit Reader
2020-04-16 00:00:00
KLA11780 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
2020-05-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Digital Signature Bypass (APSB20-24: CVE-2020-9596)
2020-05-13 00:00:00
Adobe Acrobat and Reader Digital Signature Bypass (APSB20-24: CVE-2020-9592)
2020-05-13 00:00:00
prion
prion
Security feature bypass
2020-06-25 22:15:00
Security feature bypass
2020-06-25 22:15:00
cve
cve
CVE-2020-9592
2020-06-25 22:15:00
CVE-2020-9596
2020-06-25 22:15:00
thn
thn
Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs
2021-02-23 10:46:00
adobe
adobe
APSB20-24 Security Update available for Adobe Acrobat and Reader
2020-05-12 00:00:00
openvas
openvas
Adobe Reader DC Security Update (APSB20-24) - Mac OS X
2020-05-14 00:00:00
Adobe Acrobat DC 2015 Security Update (APSB20-24) - Windows
2020-05-14 00:00:00
Adobe Reader 2017 Security Update (APSB20-24) - Mac OS X
2020-05-14 00:00:00
threatpost
threatpost
Adobe Kills 16 Critical Flaws in Acrobat and Reader, Digital Negative SDK
2020-05-12 16:02:07
JSON
Related for FOXIT_READER_9_7_2.NASL
nessus8kaspersky2checkpoint_advisories2prion2cve2thn1adobe1openvas12threatpost1