Multiple vulnerabilities in Foxit Reader and PhantomPDF



Published: 2021-03-22 | Updated: 2021-03-22
Risk High
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2021-27270
CVE-2021-27271
CVE-2021-27269
CVE-2021-27268
CVE-2021-27267
CVE-2021-27266
CVE-2021-27265
CVE-2021-27264
CVE-2021-27263
CVE-2021-27262
CVE-2021-27261
CWE-ID CWE-125
CWE-119
CWE-787
CWE-416
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Foxit PDF Reader for Windows
Client/Desktop applications / Office applications

Foxit PDF Editor (formerly Foxit PhantomPDF)
Client/Desktop applications / Office applications

Vendor Foxit Software Inc.

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

Updated: 22.03.2021

Updated security bulletin with vulnerability information, provided by ZDI, raised bulletin risk level from Medium to High.

1) Out-of-bounds read

EUVDB-ID: #VU51590

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27270

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the parsing of JPEG2000 images. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 10.0.0.35798 - 10.1.1.37576

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+Reader+10.1.3+and+Foxit+PhantomPDF+10.1.32021-03-22+00%3A00%3A00
http://www.zerodayinitiative.com/advisories/ZDI-21-352/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Buffer overflow

EUVDB-ID: #VU51621

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-27271

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the handling of U3D objects embedded in PDF files in U3DBrowser. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-353/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Out-of-bounds write

EUVDB-ID: #VU51619

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-27269

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error within the handling of U3D objects in PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-351/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Use-after-free

EUVDB-ID: #VU51618

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-27268

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the handling of U3D objects in PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-350/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Use-after-free

EUVDB-ID: #VU51617

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-27267

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the handling of U3D objects in PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-349/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Out-of-bounds read

EUVDB-ID: #VU51616

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27266

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects embedded in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-348/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) Out-of-bounds read

EUVDB-ID: #VU51615

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27265

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects embedded in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-347/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

8) Out-of-bounds read

EUVDB-ID: #VU51614

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27264

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects embedded in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-346/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

9) Out-of-bounds read

EUVDB-ID: #VU51613

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27263

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects embedded in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-345/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

10) Out-of-bounds read

EUVDB-ID: #VU51612

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27262

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects embedded in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-344/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

11) Out-of-bounds read

EUVDB-ID: #VU51611

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-27261

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the handling of U3D objects in PDF files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Editor (formerly Foxit PhantomPDF): 10.0.0.35798 - 10.1.1.37576


CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-21-343/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###