ID ZDI-19-438 Type zdi Reporter hungtt28 of Viettel Cyber Security Modified 2019-06-22T00:00:00
Description
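This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. The linked NVD entry tracks this flaw as CVE-2019-6764 (CWE-787, out-of-bounds write) and lists Foxit Reader 9.4.1.16828 as affected; the scanner plugins referenced in this record give Foxit Reader 9.5 as the fixed version. For triage, note that the NVD record scores the issue 6.8 under CVSS v2 with a network attack vector but 7.8 (HIGH) under CVSS v3.0 with a local attack vector and required user interaction.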
{"id": "ZDI-19-438", "bulletinFamily": "info", "title": "Foxit Reader XFA Template Out-Of-Bounds Write Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process.", "published": "2019-04-29T00:00:00", "modified": "2019-06-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://www.zerodayinitiative.com/advisories/ZDI-19-438/", "reporter": "hungtt28 of Viettel Cyber Security", "references": ["https://www.foxitsoftware.com/support/security-bulletins.php"], "cvelist": ["CVE-2019-6764"], "type": "zdi", "lastseen": "2020-06-22T11:42:06", "edition": 1, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-6764"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310815226"]}, {"type": "nessus", "idList": ["FOXIT_READER_9_5_0.NASL"]}], "modified": "2020-06-22T11:42:06", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2020-06-22T11:42:06", "rev": 2}, "vulnersScore": 5.0}}
{"cve": [{"lastseen": "2020-12-09T21:41:56", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA Template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7972.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-06-03T19:29:00", "title": "CVE-2019-6764", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6764"], "modified": "2019-10-09T23:51:00", "cpe": ["cpe:/a:foxitsoftware:phantompdf:8.3.9.41099", "cpe:/a:foxitsoftware:phantompdf:9.4.1.16828", "cpe:/a:foxitsoftware:foxit_reader:9.4.1.16828"], "id": "CVE-2019-6764", "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6764", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:foxitsoftware:phantompdf:8.3.9.41099:*:*:*:*:*:*:*", "cpe:2.3:a:foxitsoftware:foxit_reader:9.4.1.16828:*:*:*:*:*:*:*", "cpe:2.3:a:foxitsoftware:phantompdf:9.4.1.16828:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-09-24T14:42:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-6753", "CVE-2019-6760", "CVE-2019-6761", "CVE-2019-6773", "CVE-2019-6768", "CVE-2019-6766", "CVE-2019-6757", "CVE-2019-6769", "CVE-2019-6754", "CVE-2019-6759", "CVE-2019-6763", "CVE-2019-6767", "CVE-2019-6764", "CVE-2019-6771", "CVE-2019-6758", "CVE-2019-6756", "CVE-2019-6770", "CVE-2019-6772", "CVE-2019-6755"], "description": "The host is installed with Foxit Reader and\n is prone to multiple vulnerabilities.", "modified": "2019-09-20T00:00:00", "published": "2019-06-28T00:00:00", "id": "OPENVAS:1361412562310815226", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815226", "type": "openvas", "title": "Foxit Reader Multiple Vulnerabilities June 2019 (Windows)-01", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:foxitsoftware:reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815226\");\n script_version(\"2019-09-20T11:01:01+0000\");\n script_cve_id(\"CVE-2019-6754\", \"CVE-2019-6755\", \"CVE-2019-6759\", \"CVE-2019-6753\",\n \"CVE-2019-6757\", \"CVE-2019-6758\", \"CVE-2019-6760\",\n \"CVE-2019-6761\", \"CVE-2019-6763\", \"CVE-2019-6764\", \"CVE-2019-6766\",\n \"CVE-2019-6767\", \"CVE-2019-6768\", \"CVE-2019-6769\", \"CVE-2019-6770\",\n \"CVE-2019-6771\", \"CVE-2019-6772\", \"CVE-2019-6773\",\n \"CVE-2019-6756\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 11:01:01 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-06-28 11:15:36 +0530 (Fri, 28 Jun 2019)\");\n script_name(\"Foxit Reader Multiple Vulnerabilities June 2019 (Windows)-01\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Foxit Reader and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on\n the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An issue in localFileStorage method resulting from lack of proper validation\n of a user-supplied path prior to using it in file operations.\n\n - An issue in ConvertToPDF_x86.dll resulting from the lack of proper validation of\n user-supplied data, which can result in a write past the end of an\n allocated object.\n\n - An issue in handling of the Stuff method resulting from the lack of proper\n validation of user-supplied data, which can result in an integer\n 
overflow before writing to memory.\n\n - An issue in ConvertToPDF_x86.dll resulting from the lack of validating the\n existence of an object prior to performing operations on the object.\n\n - An issue in XFA CXFA_FFDocView object resulting from the lack of validating\n the existence of an object prior to performing operations on the object.\n\n - An issue in ToggleFormsDesign method of the Foxit.FoxitReader.Ctl ActiveX object\n resulting from lack of validating the existence of an object prior to performing\n operations on the object.\n\n - Improper validation of user-supplied data, which can result in a write past the\n end of an allocated structure.\n\n - An issue in removeField method when processing AcroForms resulting from lack of\n validating the existence of an object prior to performing operations on the object.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to execute arbitrary code and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Foxit Reader version 9.4.1.16828 and earlier\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Foxit Reader 9.5 or later. 
Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.foxitsoftware.com/support/security-bulletins.php\");\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_foxit_reader_detect_portable_win.nasl\");\n script_mandatory_keys(\"foxit/reader/ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\npdfVer = infos['version'];\npdfPath = infos['location'];\n\nif(version_is_less_equal(version:pdfVer, test_version:\"9.4.1.16828\"))\n{\n report = report_fixed_ver(installed_version:pdfVer, fixed_version:\"9.5\", install_path:pdfPath);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T02:35:03", "description": "According to its version, the Foxit Reader application (formally\nknown as Phantom) installed on the remote Windows host is prior to\n8.3.10. It is, therefore, affected by multiple vulnerabilities:\n\n - A heap-based buffer overflow condition exists in the \n proxyCPDFAction, proxyCheckLicence, proxyDoAction, \n proxyGetAppEdition, or proxyPreviewAction due to a stack buffer \n overflow or out-of-bounds read. An authenticated, local attacker \n can exploit this, via large integer or long string causing a \n denial of service condition or the execution of arbitrary code.\n\n - A directory traversal vulnerability exists in the cPDF plugin due\n to unexpected javascript invocation resulting in remote code \n execution. An unauthenticated, remote attacker can exploit this, \n by invoking javascript through the console to write local files. 
\n (ZDI-CAN-7407)\n\n - An integer overflow and crash condition exists in the XFA stuff \n method due to the lack of proper validation of user-supplied \n data. An attacker can exploit this to disclose information. \n (ZDI-CAN-7561)\n\n - A use-after-free, out-of-bounds read, and crash vulnerability \n exists when converting HTML files to PDFs. An authenticated, \n remote attacker can exploit this to disclose information\n or to execute arbitrary code. \n (ZDI-CAN-7620/ZDI-CAN-7844/ZDI-CAN-8170) \n\n - An out-of-bounds write and crash vulnerability exists. An \n authenticated, remote attacker can exploit this to execute \n arbitrary code. (ZDI-CAN-7613/ZDI-CAN-7614/ZDI-CAN-7701/\n ZDI-CAN-7972)\n\n - A use-after-free or out-of-bounds write and crash vulnerability \n exists. An authenticated, local attacker can exploit this to \n execute arbitrary code. (ZDI-CAN-7696/ZDI-CAN-7694)\n\n - A use-after-free vulnerability. An authenticated, \n remote attacker can exploit this to execute arbitrary \n code. (ZDI-CAN-7696/ZDI-CAN-7694/ZDI-CAN-7777/ZDI-CAN-7874)\n\n - A use-after-free, remote code execution, information \n disclosure vulnerability exists when deleting Field with nested\n scripts. An authenticated, local attacker can exploit this to \n execute arbitrary code. 
(ZDI-CAN-8162/ZDI-CAN-8163/ZDI-CAN-8164/\n ZDI-CAN-8165/ZDI-CAN-8229/ZDI-CAN-8230/ZDI-CAN-8231/ZDI-CAN-8272)", "edition": 17, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-05-15T00:00:00", "title": "Foxit Reader < 9.5.0 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-20309", "CVE-2019-6760", "CVE-2019-6762", "CVE-2019-6765", "CVE-2019-6761", "CVE-2019-6773", "CVE-2019-6768", "CVE-2019-6766", "CVE-2019-6757", "CVE-2018-20316", "CVE-2019-6769", "CVE-2018-20312", "CVE-2018-20314", "CVE-2018-20310", "CVE-2019-6754", "CVE-2019-6759", "CVE-2019-6763", "CVE-2019-6767", "CVE-2019-6764", "CVE-2019-6771", "CVE-2019-6758", "CVE-2019-6756", "CVE-2019-6770", "CVE-2019-6772", "CVE-2019-6755", "CVE-2018-20313", "CVE-2018-20311", "CVE-2018-20315"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:foxitsoftware:foxit_reader"], "id": "FOXIT_READER_9_5_0.NASL", "href": "https://www.tenable.com/plugins/nessus/125153", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125153);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/30 13:24:47\");\n\n script_cve_id(\n \"CVE-2018-20309\",\n \"CVE-2018-20310\",\n \"CVE-2018-20311\",\n \"CVE-2018-20312\",\n \"CVE-2018-20313\",\n \"CVE-2018-20314\",\n \"CVE-2018-20315\",\n \"CVE-2018-20316\",\n \"CVE-2019-6754\",\n \"CVE-2019-6755\",\n \"CVE-2019-6756\",\n \"CVE-2019-6757\",\n \"CVE-2019-6758\",\n \"CVE-2019-6759\",\n \"CVE-2019-6760\",\n \"CVE-2019-6761\",\n \"CVE-2019-6762\",\n \"CVE-2019-6763\",\n \"CVE-2019-6764\",\n \"CVE-2019-6765\",\n \"CVE-2019-6766\",\n \"CVE-2019-6767\",\n \"CVE-2019-6768\",\n \"CVE-2019-6769\",\n \"CVE-2019-6770\",\n \"CVE-2019-6771\",\n \"CVE-2019-6772\",\n \"CVE-2019-6773\"\n );\n script_xref(name:\"ZDI\", value:\"ZDI-19-428\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-429\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-430\");\n 
script_xref(name:\"ZDI\", value:\"ZDI-19-431\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-432\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-433\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-434\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-435\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-436\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-437\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-438\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-439\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-440\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-441\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-442\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-443\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-444\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-445\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-446\");\n script_xref(name:\"ZDI\", value:\"ZDI-19-447\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7407\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7561\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7613\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7614\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7620\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7694\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7696\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7701\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7769\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7777\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7844\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7874\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-7972\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8162\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8163\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8164\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8165\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8170\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8229\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8230\");\n script_xref(name:\"ZDI\", value:\"ZDI-CAN-8231\");\n 
script_xref(name:\"ZDI\", value:\"ZDI-CAN-8272\");\n\n script_name(english:\"Foxit Reader < 9.5.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Foxit Reader.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PDF toolkit installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the Foxit Reader application (formally\nknown as Phantom) installed on the remote Windows host is prior to\n8.3.10. It is, therefore, affected by multiple vulnerabilities:\n\n - A heap-based buffer overflow condition exists in the \n proxyCPDFAction, proxyCheckLicence, proxyDoAction, \n proxyGetAppEdition, or proxyPreviewAction due to a stack buffer \n overflow or out-of-bounds read. An authenticated, local attacker \n can exploit this, via large integer or long string causing a \n denial of service condition or the execution of arbitrary code.\n\n - A directory traversal vulnerability exists in the cPDF plugin due\n to unexpected javascript invocation resulting in remote code \n execution. An unauthenticated, remote attacker can exploit this, \n by invoking javascript through the console to write local files. \n (ZDI-CAN-7407)\n\n - A integer overflow and crash condition exists in the XFA stuff \n method due to the lack of proper validation of user-supplied \n data. An attacker can explit this to disclose information. \n (ZDI-CAN-7561)\n\n - A use-after-free, out-of-bounds read, and crash vulnerability \n exists when converting HTML files to PDFs. An authenticated, \n remote attacker can exploit this to disclose information\n or to execute arbitrary code. \n (ZDI-CAN-7620/ZDI-CAN-7844/ZDI-CAN-8170) \n\n - A out-of-bounds write and crash vulnerability exists. An \n authenticated, remote attacker can exploit this to execute \n arbitrary code. 
(ZDI-CAN-7613/ZDI-CAN-7614/ZDI-CAN-7701/\n ZDI-CAN-7972)\n\n - A use-after-free or out-of-bounds write and crash vulnerability \n exists. An authenticated, local attacker can exploit this to \n execute arbitrary code. (ZDI-CAN-7696/ZDI-CAN-7694)\n\n - A use-after-free vulnerability. An authenticated, \n remote attacker can exploit this to execute arbitrary \n code. (ZDI-CAN-7696/ZDI-CAN-7694/ZDI-CAN-7777/ZDI-CAN-7874)\n\n - A use-after-free, remote code execution, information \n disclosure vulnerability exists when deleting Field with nested\n scripts. An authenticated, local attacker can exploit this to \n execute arbitrary code. (ZDI-CAN-8162/ZDI-CAN-8163/ZDI-CAN-8164/\n ZDI-CAN-8165/ZDI-CAN-8229/ZDI-CAN-8230/ZDI-CAN-8231/ZDI-CAN-8272)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.foxitsoftware.com/support/security-bulletins.php\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-428/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-429/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-430/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-431/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-432/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-433/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-434/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-435/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-436/\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-437/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-438/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-439/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-440/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-441/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-442/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-443/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-444/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-445/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-446/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-19-447/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7407/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7561/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7613/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7614/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7620/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7694/\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7696/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7701/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7769/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7777/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7844/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7874/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-7972/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8162/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8163/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8164/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8165/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8170/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8229/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8230/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8231/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-CAN-8272/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Foxit Reader version 9.5.0 or later.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6769\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:foxitsoftware:foxit_reader\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"foxit_reader_installed.nasl\");\n script_require_keys(\"installed_sw/Foxit Reader\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'Foxit Reader';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n { 'min_version' : '9.0', 'max_version' : '9.4.1.16828', 'fixed_version' : '9.5.0'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}