Risk | High |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | N/A |
CWE-ID | CWE-787 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Foxit PDF Reader for Windows [Client/Desktop applications / Office applications]; Foxit PDF Editor (formerly Foxit PhantomPDF) [Client/Desktop applications / Office applications] |
Vendor | Foxit Software Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU88
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on vulnerable installations of Foxit Reader.
The vulnerability exists within the ConvertToPDF plugin. A remote attacker can cause arbitrary code execution by sending a specially crafted GIF image to the vulnerable server.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Update your applications to the latest versions, which can be found at:
https://www.foxitsoftware.com/support/security-bulletins.php
Foxit PDF Reader for Windows: 7.3.4.311
Foxit PDF Editor (formerly Foxit PhantomPDF): 7.3.4.311
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into visiting a specially crafted website or opening a file.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on vulnerable installations of Foxit Reader.
The vulnerability exists within the ConvertToPDF plugin. A remote unauthenticated attacker can cause remote code execution by sending a specially crafted JPEG image to the vulnerable server.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Update your applications to the latest versions, which can be found at:
https://www.foxitsoftware.com/support/security-bulletins.php
Foxit PDF Reader for Windows: 7.3.0.118
Foxit PDF Editor (formerly Foxit PhantomPDF): 7.3.0.118
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to trick the victim into visiting a specially crafted website or opening a file.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.