Multiple vulnerabilities in Foxit PDF Reader and Foxit PDF Editor



Published: 2021-10-12
Risk High
Patch available YES
Number of vulnerabilities 18
CVE-ID CVE-2021-41780
CVE-2021-40326
CVE-2021-41781
CVE-2021-41784
CVE-2021-41782
CVE-2021-41783
CVE-2021-41785
CWE-ID CWE-476
CWE-119
CWE-347
CWE-122
CWE-787
CWE-134
CWE-125
CWE-20
CWE-121
CWE-416
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Foxit PDF Reader for Windows
Client/Desktop applications / Office applications

Foxit PDF Editor (formerly Foxit PhantomPDF)
Client/Desktop applications / Office applications

Vendor Foxit Software Inc.

Security Bulletin

This security bulletin contains information about 18 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU57226

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.

Details on the vulnerability are not fully disclosed, this issue has being assigned the following identifiers: CNVD-C-2021-205496, CNVD-C-2021-205515, CNVD-C-2021-205541.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Memory corruption

EUVDB-ID: #VU57219

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41780

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU57225

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-40326

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to insufficient verification of digital signatures in PDF files. A remote attacker can display arbitrary content in the signed PDF file.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Memory corruption

EUVDB-ID: #VU57224

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41781

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Memory corruption

EUVDB-ID: #VU57223

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41784

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Memory corruption

EUVDB-ID: #VU57222

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41782

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) Memory corruption

EUVDB-ID: #VU57221

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41783

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

8) Memory corruption

EUVDB-ID: #VU57220

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41785

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

9) Heap-based buffer overflow

EUVDB-ID: #VU57235

Risk: High

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing JPEG2000 images in PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

This vulnerability has been assigned the following identifier: ZDI-CAN-14812.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

10) Out-of-bounds write

EUVDB-ID: #VU57227

Risk: Medium

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when converting PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into converting it to Microsoft Office format, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

11) Format string error

EUVDB-ID: #VU57234

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-134 - Use of Externally-Controlled Format String

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a format string error when the util.printf function fails to handle the format extension properly. A remote attacker can supply a specially crafted PDF file that contains format string specifiers and gain access to sensitive information.

This vulnerability has been assigned the following identifier: ZDI-CAN-14849.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

12) Out-of-bounds read

EUVDB-ID: #VU57233

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

The vulnerability has been assigned the following identifiers: ZDI-CAN-14659, ZDI-CAN-14968.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

13) Input validation error

EUVDB-ID: #VU57232

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when handling PDF files with illegal dictionary entries or incorrect Outlines. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger the stack overflow and crash the application.

The vulnerability has been assigned the following identifier: CNVD-C-2021-247433.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

14) Stack overflow

EUVDB-ID: #VU57231

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-121 - Stack-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when handling JavaScript in PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger the stack overflow and crash the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

15) Out-of-bounds read

EUVDB-ID: #VU57230

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling JavaScript. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

16) Memory corruption

EUVDB-ID: #VU57229

Risk: High

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to multiple boundary errors when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

The vulnerability has been assigned the following identifiers: ZDI-CAN-14273, ZDI-CAN-14395/CNVD-C-2021-247436, ZDI-CAN-14355, ZDI-CAN-14356, ZDI-CAN-14357, ZDI-CAN-14358, ZDI-CAN-14359, ZDI-CAN-14360, ZDI-CAN-14361, ZDI-CAN-14362, ZDI-CAN-14363, ZDI-CAN-14364, ZDI-CAN-14365, ZDI-CAN-14366, ZDI-CAN-14367, ZDI-CAN-14368.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

17) Use-after-free

EUVDB-ID: #VU57228

Risk: Medium

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a use-after-free error during URL path conversion in browser add-on, when processing a not accessible URL. A remote attacker can trick the victim to open a specially crafted PDF file in browser, trigger a use-after-free error and gain access to the NTLM v2 authentication credentials.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

18) Input validation error

EUVDB-ID: #VU57236

Risk: High

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of the file suffix and file path when handling attachments or submitting forms. A remote attacker can trick the victim to open a specially crafted PDF file and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Foxit PDF Reader for Windows: 9.0 - 11.0.1.49938

Foxit PDF Editor (formerly Foxit PhantomPDF): 11.0.0.0510 - 11.0.1.49938, 10.0.0.35798 - 10.1.5.37672, 9.0 - 9.7.5.29616


CPE2.3 External links

http://www.foxitsoftware.com/support/security-bulletins.html

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###