Search...

Foxit Products ICC Parsing Integer Overflow Vulnerability

2011-03-04T00:00:00

ID OPENVAS:1361412562310801752
Type openvas
Reporter Copyright (c) 2011 Greenbone Networks GmbH
Modified 2018-10-20T00:00:00

Description

The host is installed with Foxit Products and is prone to integer overflow vulnerability.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 11997 2018-10-20 11:59:41Z mmartin $
#
# Foxit Products ICC Parsing Integer Overflow Vulnerability
#
# Authors:
# Madhuri D &lt;dmadhuri@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.801752");
  script_version("$Revision: 11997 $");
  script_tag(name:"last_modification", value:"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $");
  script_tag(name:"creation_date", value:"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)");
  script_cve_id("CVE-2011-0332");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_name("Foxit Products ICC Parsing Integer Overflow Vulnerability");
  script_xref(name:"URL", value:"http://secunia.com/advisories/43329");
  script_xref(name:"URL", value:"http://www.vupen.com/english/advisories/2011/0508");

  script_tag(name:"qod_type", value:"executable_version");
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_category(ACT_GATHER_INFO);
  script_family("Buffer overflow");
  script_dependencies("gb_foxit_reader_detect_portable_win.nasl", "gb_foxit_phantom_detect.nasl");
  script_mandatory_keys("foxit/phantom_or_reader/detected");
  script_tag(name:"impact", value:"Successful exploitation could allow attackers to crash an affected
  application or execute arbitrary code by tricking a user into opening a
  malicious file.");
  script_tag(name:"affected", value:"Foxit Reader version prior to 4.3.1.0218
  Foxit Phantom version prior to 2.3.3.1112");
  script_tag(name:"insight", value:"The flaw is due to an integer overflow error when parsing certain ICC
  chunks and can be exploited to cause a heap-based buffer overflow via a
  specially crafted file.");
  script_tag(name:"solution", value:"Upgrade to the Foxit Reader version 4.3.1.0218 or later.
  Upgrade to the Foxit Phantom version 2.3.3.1112 or later.");
  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"summary", value:"The host is installed with Foxit Products and is prone to integer
  overflow vulnerability.");
  script_xref(name:"URL", value:"http://www.foxitsoftware.com/downloads/index.php");
  exit(0);
}


include("version_func.inc");

foxitVer = get_kb_item("foxit/reader/ver");
if(foxitVer)
{
  if(version_is_less(version:foxitVer, test_version:"4.3.1.0218"))
  {
    security_message( port: 0, data: "The target host was found to be vulnerable" );
    exit(0);
  }
}

foxVer = get_kb_item("foxit/phantom/ver");
if(!foxVer){
  exit(0);
}

if(version_is_less(version:foxVer, test_version:"2.3.3.1112")){
  security_message( port: 0, data: "The target host was found to be vulnerable" );
  exit(0);
}

exit(99);

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310801752", "bulletinFamily": "scanner", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "published": "2011-03-04T00:00:00", "modified": "2018-10-20T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://www.foxitsoftware.com/downloads/index.php", "http://secunia.com/advisories/43329"], "cvelist": ["CVE-2011-0332"], "type": "openvas", "lastseen": "2018-10-22T16:45:07", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "6c0081ac12f85293add9b58d94f4b115c7c13976070b30990d71176dc7417aaf", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "7dea6de90fdda5e31264bd9b89565b8c", "key": "description"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "d64cbb4cd372c9149f8e169a86b28631", "key": "references"}, {"hash": "0e261ad6c9619556a2170952c0154efd", "key": "published"}, {"hash": "b6d6c7cf8fb9a1904130fa96f453a68f", "key": "pluginID"}, {"hash": "b71a4f1f6034984fb92c1e4666f090e3", "key": "href"}, {"hash": "b9cc6a9f33ec12abd4e976263afc3918", "key": "naslFamily"}, {"hash": "ffa27d076cf660609a026e2271c1bba3", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "55dab5385ca1b493b81e6ed993c7d331", "key": "cvelist"}, {"hash": "cb413ec2fd32973b860aa952ebb3020a", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "id": "OPENVAS:1361412562310801752", "lastseen": "2018-06-08T19:26:35", "modified": "2018-06-08T00:00:00", "naslFamily": "Buffer overflow", "objectVersion": "1.3", "pluginID": "1361412562310801752", "published": "2011-03-04T00:00:00", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 10140 2018-06-08 12:58:24Z asteins $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 10140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 14:58:24 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/43329\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"Foxit/Phantom_or_Reader/Installed\");\n script_tag(name : \"impact\" , value : \"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\");\n script_tag(name : \"affected\" , value : \"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\");\n script_tag(name : \"insight\" , value : \"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\");\n script_tag(name : \"solution\" , value : \"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\");\n script_tag(name : \"solution_type\" , value : \"VendorFix\");\n script_tag(name : \"summary\" , value : \"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfoxitVer = get_kb_item(\"Foxit/Reader/Ver\");\nif(foxitVer)\n{\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nfoxVer = get_kb_item(\"Foxit/Phantom/Ver\");\nif(!foxVer){\n exit(0);\n}\n\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-06-08T19:26:35"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 3, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "22f62a04462e62ecea74e3c79ecea1205fd5718d07ea31406708d8a775dd01da", "hashmap": [{"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "7dea6de90fdda5e31264bd9b89565b8c", "key": "description"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "d64cbb4cd372c9149f8e169a86b28631", "key": "references"}, {"hash": "0e261ad6c9619556a2170952c0154efd", "key": "published"}, {"hash": "b6d6c7cf8fb9a1904130fa96f453a68f", "key": "pluginID"}, {"hash": "b71a4f1f6034984fb92c1e4666f090e3", "key": "href"}, {"hash": "b9cc6a9f33ec12abd4e976263afc3918", "key": "naslFamily"}, {"hash": "ffa27d076cf660609a026e2271c1bba3", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "55dab5385ca1b493b81e6ed993c7d331", "key": "cvelist"}, {"hash": "cb413ec2fd32973b860aa952ebb3020a", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "id": "OPENVAS:1361412562310801752", "lastseen": "2018-08-30T19:27:52", "modified": "2018-06-08T00:00:00", "naslFamily": "Buffer overflow", "objectVersion": "1.3", "pluginID": "1361412562310801752", "published": "2011-03-04T00:00:00", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 10140 2018-06-08 12:58:24Z asteins $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 10140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 14:58:24 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/43329\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"Foxit/Phantom_or_Reader/Installed\");\n script_tag(name : \"impact\" , value : \"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\");\n script_tag(name : \"affected\" , value : \"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\");\n script_tag(name : \"insight\" , value : \"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\");\n script_tag(name : \"solution\" , value : \"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\");\n script_tag(name : \"solution_type\" , value : \"VendorFix\");\n script_tag(name : \"summary\" , value : \"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfoxitVer = get_kb_item(\"Foxit/Reader/Ver\");\nif(foxitVer)\n{\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nfoxVer = get_kb_item(\"Foxit/Phantom/Ver\");\nif(!foxVer){\n exit(0);\n}\n\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:27:52"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 5, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "4d6fdadaacf63cf1a21dbd34628dbe4edf0657184e4a059ff7af322ae4b49f11", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "bae87dad35d4b27bfbcfbca928cb59fa", "key": "sourceData"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "7dea6de90fdda5e31264bd9b89565b8c", "key": "description"}, {"hash": "d64cbb4cd372c9149f8e169a86b28631", "key": "references"}, {"hash": "0e261ad6c9619556a2170952c0154efd", "key": "published"}, {"hash": "b6d6c7cf8fb9a1904130fa96f453a68f", "key": "pluginID"}, {"hash": "b71a4f1f6034984fb92c1e4666f090e3", "key": "href"}, {"hash": "f88d50f5167050f5b3367c6d99617b00", "key": "modified"}, {"hash": "b9cc6a9f33ec12abd4e976263afc3918", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "55dab5385ca1b493b81e6ed993c7d331", "key": "cvelist"}, {"hash": "cb413ec2fd32973b860aa952ebb3020a", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "id": "OPENVAS:1361412562310801752", "lastseen": "2018-09-14T15:46:09", "modified": "2018-09-12T00:00:00", "naslFamily": "Buffer overflow", "objectVersion": "1.3", "pluginID": "1361412562310801752", "published": "2011-03-04T00:00:00", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 11356 2018-09-12 10:46:43Z tpassfeld $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 11356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-12 12:46:43 +0200 (Wed, 12 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/43329\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"foxit/phantom_or_reader/detected\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\");\n script_tag(name:\"affected\", value:\"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\");\n script_tag(name:\"insight\", value:\"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfoxitVer = get_kb_item(\"foxit/reader/ver\");\nif(foxitVer)\n{\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nfoxVer = get_kb_item(\"foxit/phantom/ver\");\nif(!foxVer){\n exit(0);\n}\n\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-14T15:46:09"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 4, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "6c0081ac12f85293add9b58d94f4b115c7c13976070b30990d71176dc7417aaf", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "7dea6de90fdda5e31264bd9b89565b8c", "key": "description"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "d64cbb4cd372c9149f8e169a86b28631", "key": "references"}, {"hash": "0e261ad6c9619556a2170952c0154efd", "key": "published"}, {"hash": "b6d6c7cf8fb9a1904130fa96f453a68f", "key": "pluginID"}, {"hash": "b71a4f1f6034984fb92c1e4666f090e3", "key": "href"}, {"hash": "b9cc6a9f33ec12abd4e976263afc3918", "key": "naslFamily"}, {"hash": "ffa27d076cf660609a026e2271c1bba3", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "55dab5385ca1b493b81e6ed993c7d331", "key": "cvelist"}, {"hash": "cb413ec2fd32973b860aa952ebb3020a", "key": "title"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "id": "OPENVAS:1361412562310801752", "lastseen": "2018-09-02T00:04:54", "modified": "2018-06-08T00:00:00", "naslFamily": "Buffer overflow", "objectVersion": "1.3", "pluginID": "1361412562310801752", "published": "2011-03-04T00:00:00", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 10140 2018-06-08 12:58:24Z asteins $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 10140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 14:58:24 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/43329\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"Foxit/Phantom_or_Reader/Installed\");\n script_tag(name : \"impact\" , value : \"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\");\n script_tag(name : \"affected\" , value : \"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\");\n script_tag(name : \"insight\" , value : \"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\");\n script_tag(name : \"solution\" , value : \"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\");\n script_tag(name : \"solution_type\" , value : \"VendorFix\");\n script_tag(name : \"summary\" , value : \"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfoxitVer = get_kb_item(\"Foxit/Reader/Ver\");\nif(foxitVer)\n{\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nfoxVer = get_kb_item(\"Foxit/Phantom/Ver\");\nif(!foxVer){\n exit(0);\n}\n\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:04:54"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 1, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "219e3473b5f1574e86bf115e7abdf730ce6c408470ffa36a25a320af2389c8c7", "hashmap": [{"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "5b3e78bf2118fdcf240d0771f3c6039e", "key": "reporter"}, {"hash": "7dea6de90fdda5e31264bd9b89565b8c", "key": "description"}, {"hash": "d64cbb4cd372c9149f8e169a86b28631", "key": "references"}, {"hash": "0e261ad6c9619556a2170952c0154efd", "key": "published"}, {"hash": "b6d6c7cf8fb9a1904130fa96f453a68f", "key": "pluginID"}, {"hash": "b71a4f1f6034984fb92c1e4666f090e3", "key": "href"}, {"hash": "b9cc6a9f33ec12abd4e976263afc3918", "key": "naslFamily"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "669578dff97c16a0f41051692e23b8aa", "key": "modified"}, {"hash": "55dab5385ca1b493b81e6ed993c7d331", "key": "cvelist"}, {"hash": "cb413ec2fd32973b860aa952ebb3020a", "key": "title"}, {"hash": "91eb8ee4964dede5cda513defbd7a8ea", "key": "sourceData"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801752", "id": "OPENVAS:1361412562310801752", "lastseen": "2017-07-19T10:54:45", "modified": "2017-07-04T00:00:00", "naslFamily": "Buffer overflow", "objectVersion": "1.3", "pluginID": "1361412562310801752", "published": "2011-03-04T00:00:00", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 6515 2017-07-04 11:54:15Z cfischer $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\";\ntag_affected = \"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\";\ntag_insight = \"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\";\ntag_solution = \"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\";\ntag_summary = \"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 6515 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 13:54:15 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/43329\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"Foxit/Phantom_or_Reader/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version Foxit Reader from KB\nfoxitVer = get_kb_item(\"Foxit/Reader/Ver\");\nif(foxitVer)\n{\n ## Check for Foxit Reader Version less than 4.3.1.0218\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Get the Foxit Phantom version from KB\nfoxVer = get_kb_item(\"Foxit/Phantom/Ver\");\nif(!foxVer){\n exit(0);\n}\n\n## Check for Foxit Phantom version less than 2.3.3.1112\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message(0);\n}\n", "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-19T10:54:45"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "55dab5385ca1b493b81e6ed993c7d331"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "7dea6de90fdda5e31264bd9b89565b8c"}, {"key": "href", "hash": "b71a4f1f6034984fb92c1e4666f090e3"}, {"key": "modified", "hash": "2c104a45bc8ee43625332611b190dc40"}, {"key": "naslFamily", "hash": "b9cc6a9f33ec12abd4e976263afc3918"}, {"key": "pluginID", "hash": "b6d6c7cf8fb9a1904130fa96f453a68f"}, {"key": "published", "hash": "0e261ad6c9619556a2170952c0154efd"}, {"key": "references", "hash": "2241bef6d5ff3950dab98f26c4d830d8"}, {"key": "reporter", "hash": "5b3e78bf2118fdcf240d0771f3c6039e"}, {"key": "sourceData", "hash": "9c9cda6d7dd2071d76744cb5c2feace9"}, {"key": "title", "hash": "cb413ec2fd32973b860aa952ebb3020a"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "b8e63b475201ba49823287544289dfadca2d12f67650f49b4df409c5c276c10c", "viewCount": 0, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 11997 2018-10-20 11:59:41Z mmartin $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801752\");\n script_version(\"$Revision: 11997 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-20 13:59:41 +0200 (Sat, 20 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/43329\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\", \"gb_foxit_phantom_detect.nasl\");\n script_mandatory_keys(\"foxit/phantom_or_reader/detected\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\");\n script_tag(name:\"affected\", value:\"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\");\n script_tag(name:\"insight\", value:\"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\");\n script_xref(name:\"URL\", value:\"http://www.foxitsoftware.com/downloads/index.php\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nfoxitVer = get_kb_item(\"foxit/reader/ver\");\nif(foxitVer)\n{\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nfoxVer = get_kb_item(\"foxit/phantom/ver\");\nif(!foxVer){\n exit(0);\n}\n\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\nexit(99);\n", "naslFamily": "Buffer overflow", "pluginID": "1361412562310801752"}

{"cve": [{"lastseen": "2017-04-18T15:52:54", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory", "http://www.securitytracker.com/id?1025129"], "description": "Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.", "edition": 2, "reporter": "NVD", "published": "2011-02-25T14:00:00", "title": "CVE-2011-0332", "type": "cve", "enchantments": {"score": {"modified": "2017-04-18T15:52:54", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-0332"], "scanner": [], "modified": "2016-11-08T12:47:55", "cpe": ["cpe:/a:foxitsoftware:foxit_phantom:2.1", "cpe:/a:foxitsoftware:foxit_reader:4.1.1", "cpe:/a:foxitsoftware:foxit_reader:3.0", "cpe:/a:foxitsoftware:foxit_reader:3.1", "cpe:/a:foxitsoftware:foxit_phantom:2.1.1", "cpe:/a:foxitsoftware:foxit_reader:2.0", "cpe:/a:foxitsoftware:foxit_reader:3.2", "cpe:/a:foxitsoftware:foxit_reader:2.3", "cpe:/a:foxitsoftware:foxit_reader:4.3", "cpe:/a:foxitsoftware:foxit_reader:3.3.1", "cpe:/a:foxitsoftware:foxit_phantom:1.0.2", "cpe:/a:foxitsoftware:foxit_phantom:2.2.1", "cpe:/a:foxitsoftware:foxit_phantom:2.2", "cpe:/a:foxitsoftware:foxit_phantom:2.0", "cpe:/a:foxitsoftware:foxit_phantom:2.2.4", "cpe:/a:foxitsoftware:foxit_reader:3.1.3", "cpe:/a:foxitsoftware:foxit_reader:4.0", "cpe:/a:foxitsoftware:foxit_phantom:2.3", "cpe:/a:foxitsoftware:foxit_phantom:2.2.3", "cpe:/a:foxitsoftware:foxit_reader:3.2.1", "cpe:/a:foxitsoftware:foxit_reader:2.2", "cpe:/a:foxitsoftware:foxit_reader:3.1.4", "cpe:/a:foxitsoftware:foxit_reader:3.1.1"], "id": "CVE-2011-0332", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0332", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:13:39", "references": ["http://www.vupen.com/english/advisories/2011/0508", "http://secunia.com/advisories/43329"], "pluginID": "801752", "description": "The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.", "edition": 1, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-03-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "Foxit Products ICC Parsing Integer Overflow Vulnerability", "type": "openvas", "naslFamily": "Buffer overflow", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "modified": "2016-04-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=801752", "id": "OPENVAS:801752", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_foxit_prdts_int_overflow_vuln.nasl 3117 2016-04-19 10:19:37Z benallard $\n#\n# Foxit Products ICC Parsing Integer Overflow Vulnerability\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to crash an affected\n application or execute arbitrary code by tricking a user into opening a\n malicious file.\n Impact Level: System/Application\";\ntag_affected = \"Foxit Reader version prior to 4.3.1.0218\n Foxit Phantom version prior to 2.3.3.1112\";\ntag_insight = \"The flaw is due to an integer overflow error when parsing certain ICC\n chunks and can be exploited to cause a heap-based buffer overflow via a\n specially crafted file.\";\ntag_solution = \"Upgrade to the Foxit Reader version 4.3.1.0218 or later.\n Upgrade to the Foxit Phantom version 2.3.3.1112 or later.\n For updates refer to http://www.foxitsoftware.com/downloads/index.php\";\ntag_summary = \"The host is installed with Foxit Products and is prone to integer\n overflow vulnerability.\";\n\nif(description)\n{\n script_id(801752);\n script_version(\"$Revision: 3117 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-04-19 12:19:37 +0200 (Tue, 19 Apr 2016) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-04 14:32:35 +0100 (Fri, 04 Mar 2011)\");\n script_cve_id(\"CVE-2011-0332\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Foxit Products ICC Parsing Integer Overflow Vulnerability\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/43329\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/0508\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_summary(\"Check the version of Foxit Reader and Phantom\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_foxit_reader_detect.nasl\",\n \"gb_foxit_phantom_detect.nasl\");\n script_require_keys(\"Foxit/Reader/Ver\", \"Foxit/Phantom/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version Foxit Reader from KB\nfoxitVer = get_kb_item(\"Foxit/Reader/Ver\");\nif(foxitVer)\n{\n ## Check for Foxit Reader Version less than 4.3.1.0218\n if(version_is_less(version:foxitVer, test_version:\"4.3.1.0218\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Get the Foxit Phantom version from KB\nfoxVer = get_kb_item(\"Foxit/Phantom/Ver\");\nif(!foxVer){\n exit(0);\n}\n\n## Check for Foxit Phantom version less than 2.3.3.1112\nif(version_is_less(version:foxVer, test_version:\"2.3.3.1112\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T18:06:24", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 46565\r\nCVE ID: CVE-2011-0332\r\n\r\nFoxit Reader\u662f\u4e00\u6b3e\u5c0f\u578b\u7684PDF\u6587\u6863\u67e5\u770b\u5668\u548c\u6253\u5370\u7a0b\u5e8f\u3002\r\n\r\nFoxit Reader\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728ICC\u89e3\u6790\u8fdc\u7a0b\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n\r\n\u6b64\u6f0f\u6d1e\u6e90\u4e8e\u5728\u89e3\u6790\u67d0\u4e9bICC\u5757\u65f6\u7684\u6574\u6570\u6ea2\u51fa\u9519\u8bef\uff0c\u53ef\u901a\u8fc7\u7279\u5236\u7684\u6587\u4ef6\u9020\u6210\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\n\nFoxit Foxit Reader 4.3.1.0118\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nFoxit\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.foxitsoft.com/wac/server_intro.php", "reporter": "Root", "published": "2011-03-02T00:00:00", "type": "seebug", "title": "Foxit Reader ICC\u89e3\u6790\u8fdc\u7a0b\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2011-0332"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2011-03-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20345", "id": "SSV:20345", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "status": "details"}], "nessus": [{"lastseen": "2018-11-16T17:10:57", "references": ["https://www.foxitsoftware.com/support/security-bulletins.php", "https://www.foxitsoftware.com/company/press.php?id=210", "http://www.nessus.org/u?8294358a"], "pluginID": "52458", "description": "The version of Foxit Reader installed on the remote Windows host is prior to 4.3.1.0218. It is, therefore, affected by multiple vulnerabilities :\n\n - An integer overflow condition exists when parsing certain ICC chunks. An attacker can exploit this, via crafted ICC chunks in a PDF file, to cause a heap-based buffer overflow, resulting in the execution of arbitrary code. (CVE-2011-0332)\n\n - A flaw exists in the JavaScript API related to the createDataObject() function. An attacker can exploit this, via a crafted PDF file using a call to that function, to create or overwrite arbitrary files.\n (VulnDB 71104)", "edition": 6, "reporter": "Tenable", "published": "2011-02-25T00:00:00", "title": "Foxit Reader < 4.3.1.0218 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0332"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "id": "FOXIT_READER_4_3_1_0218.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=52458", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52458);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/15 20:50:26\");\n\n script_cve_id(\"CVE-2011-0332\");\n script_bugtraq_id(46565, 46763);\n script_xref(name:\"EDB-ID\", value:\"16978\");\n script_xref(name:\"Secunia\", value:\"43329\");\n script_xref(name:\"Secunia\", value:\"43776\");\n\n script_name(english:\"Foxit Reader < 4.3.1.0218 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Foxit Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF viewer installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Foxit Reader installed on the remote Windows host is\nprior to 4.3.1.0218. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An integer overflow condition exists when parsing\n certain ICC chunks. An attacker can exploit this, via\n crafted ICC chunks in a PDF file, to cause a heap-based\n buffer overflow, resulting in the execution of arbitrary\n code. (CVE-2011-0332)\n\n - A flaw exists in the JavaScript API related to the\n createDataObject() function. An attacker can exploit\n this, via a crafted PDF file using a call to that\n function, to create or overwrite arbitrary files.\n (VulnDB 71104)\");\n # https://scarybeastsecurity.blogspot.com/2011/03/dangerous-file-write-bug-in-foxit-pdf.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8294358a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.foxitsoftware.com/support/security-bulletins.php\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.foxitsoftware.com/company/press.php?id=210\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 4.3.1.0218 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Foxit PDF Reader 4.2 Javascript File Write');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Foxit Reader\";\ninstall = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);\nversion = install[\"version\"];\npath = install[\"path\"];\n\nreport = NULL;\n\nfixed_version = \"4.3.1.0218\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port)\n port = 445;\n\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n\n security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);\n exit(0);\n}\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}