Multiple vulnerabilities in Foxit Reader and PhantomPDF
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 18 |
| CVE-ID | CVE-2020-10889 CVE-2020-10913 CVE-2020-10912 CVE-2020-10911 CVE-2020-10910 CVE-2020-10909 CVE-2020-10908 CVE-2020-10891 CVE-2020-10899 CVE-2020-10900 CVE-2020-10906 CVE-2020-10907 |
| CWE-ID | CWE-200 CWE-799 CWE-416 CWE-835 CWE-347 CWE-843 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Foxit PDF Reader for Windows Client/Desktop applications / Office applications Foxit PDF Editor (formerly Foxit PhantomPDF) Client/Desktop applications / Office applications |
| Vendor | Foxit Software Inc. |
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU27062
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to hardcoded credentials being used during HTTP request in DocuSign plugin. A remote attacker can gain intercept network traffic and gain access to sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper control of interaction frequency
EUVDB-ID: #VU27063
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-799 - Improper Control of Interaction Frequency
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a brute-force attack.
The vulnerability exists due to CAS service allows unlimited number of attempts to guess credentials. A remote attacker can perform a brute-force attack and gain unauthorized access to the application.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU27064
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a user-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Infinite loop
EUVDB-ID: #VU27065
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when processing actions that contain circular reference in PDF files. A remote attacker can consume all available system resources and cause denial of service conditions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Infinite loop
EUVDB-ID: #VU27066
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when parsing certain PDF file that contains irregular data in cross-reference stream or lengthy character strings in the content stream. A remote attacker can consume all available system resources and cause denial of service conditions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU27067
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to incorrect validation of signatures of PDF files. A remote attacker can bypass signature validation process and bypass implemented security restrictions.
Install updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Type Confusion
EUVDB-ID: #VU27068
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10889
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the DuplicatePages command of the communication API.. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-511/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Type Confusion
EUVDB-ID: #VU27075
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10913
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the OCRAndExportToExcel command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-520/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Type Confusion
EUVDB-ID: #VU27074
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10912
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the SetFieldValue command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-519/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Type Confusion
EUVDB-ID: #VU27073
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10911
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the GetFieldValue command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-518/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Type Confusion
EUVDB-ID: #VU27072
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10910
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the RotatePage command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-517/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Type Confusion
EUVDB-ID: #VU27071
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10909
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the AddWatermark command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-516/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Type Confusion
EUVDB-ID: #VU27070
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10908
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the Export command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-515/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Type Confusion
EUVDB-ID: #VU27069
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10891
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error within the handling of the Save command of the communication API. A remote attacker can create a specially crafted PDF file, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-514/
http://www.foxitsoftware.com/support/security-bulletins.php?9.7.1.29511
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Use-after-free
EUVDB-ID: #VU27092
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10899
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the processing of XFA templates. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-527/
http://www.foxitsoftware.com/support/security-bulletins.php
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Use-after-free
EUVDB-ID: #VU27091
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10900
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the processing of AcroForms. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-528/
http://www.foxitsoftware.com/support/security-bulletins.php
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Use-after-free
EUVDB-ID: #VU27090
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10906
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the resetForm method. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-534/
http://www.foxitsoftware.com/support/security-bulletins.php
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Use-after-free
EUVDB-ID: #VU27089
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-10907
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the handling of widgets in XFA forms. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFoxit PDF Reader for Windows: 9.0 - 9.7.1.29511
Foxit PDF Editor (formerly Foxit PhantomPDF): 8.3.9.41099 - 9.7.1.29511
External linkshttp://www.zerodayinitiative.com/advisories/ZDI-20-535/
http://www.foxitsoftware.com/support/security-bulletins.php
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
