#VU7987 Command injection in Foxit PDF Reader for Windows - CVE-2017-10951
Published: August 18, 2017 / Updated: August 12, 2020
Vulnerability identifier: #VU7987
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-10951
CWE-ID: CWE-77
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Foxit PDF Reader for Windows
Foxit PDF Reader for Windows
Software vendor:
Foxit Software Inc.
Foxit Software Inc.
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists in app.launchURL method due to insufficient validation of user-supplied string before using it to execute a system call. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, inject malicious commands and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise however requires that attacker is able to bypass Safe Reading Mode.
The weakness exists in app.launchURL method due to insufficient validation of user-supplied string before using it to execute a system call. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, inject malicious commands and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise however requires that attacker is able to bypass Safe Reading Mode.
Remediation
Install update from vendor's website.