SB2019010403 - Multiple vulnerabilities in 3D Plugin Beta for Foxit Reader or Foxit PhantomPDF

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019010403

SB2019010403 - Multiple vulnerabilities in 3D Plugin Beta for Foxit Reader or Foxit PhantomPDF

Published: January 4, 2019

Security Bulletin ID SB2019010403
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: N/A)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the improper handling of logic exception in IFXASSERT function when handling certain PDF file that embeds specifically crafted 3D content. A remote attacker can trick the victim into processing a specially crafted PDF file, trigger out-of-bounds write and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


2) Out-of-bounds read (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read when handling certain PDF file that embeds specifically crafted 3D content. A remote attacker can trick the victim into processing a specially crafted PDF file, trigger heap-based buffer overflow and cause the service to crash.


3) Integer overflow (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to the free of valid memory when handling certain PDF file that embeds specifically crafted 3D content. A remote attacker can trick the victim into processing a specially crafted PDF file, trigger integer overflow and cause the service to crash.


4) Use-after-free error (CVE-ID: N/A)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the use of wild pointer when handing certain PDF file that embeds specifically crafted 3D content. A remote attacker can trick the victim into processing a specially crafted PDF file, trigger use-after-free error or type confusion error and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


Remediation

Install update from vendor's website.

References