SecurityTracker.com
SecurityTracker Archives
Category:   Application (Generic)  >   Foxit Reader Vendors:   Foxit Software
Foxit Reader Multiple Flaws Let Remote Users Obtain Potentially Sensitive Files and Information, Deny Service, and Execute Arbitrary Code
SecurityTracker Alert ID:  1036224
SecurityTracker URL:  http://securitytracker.com/id/1036224
CVE Reference:   CVE-2016-6168, CVE-2016-6169   (Links to External Site)
Updated:  Jul 22 2016
Original Entry Date:  Jul 5 2016
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.3.4.311 and prior
Description:   Several vulnerabilities were reported in Foxit Reader. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially sensitive information on the target system. A remote user can cause the target application to crash.

A remote user can create a specially crafted file that, when loaded by the target user, will disclose potentially sensitive files and information or execute arbitrary code on the target system. The code will run with the privileges of the target user.

A use-after-free memory error in processing XFA files may occur.

A use-after-free memory error in processing inline images in PDF files may occur [CVE-2016-6168].

A safe-mode bypass in processing SWF content embedded in a PDF file may occur and can be exploited to access the target user's files or remote resources.

A restrictions bypass in the exportData function may allow remote code execution.

An out-of-bounds write error in converting TIFF files to PDF files may occur.

An out-of-bounds read error in converting JPEG files containing EXIF data to PDF files may occur.

An out-of-bounds read error in parsing JPEG images may occur.

An out-of-bounds write error in converting GIF files to PDF files may occur.

An out-of-bounds write error in converting BMP files to PDF files may occur.

An out-of-bounds read error may allow remote code execution.

A heap overflow may occur in processing TIFF files.

A stack overflow may occur in parsing a specially crafted GoToR action string.

An uninitialized pointer error in processing stretched images in PDF files may occur.

A heap overflow in parsing PDF files containing specially crafted Bezier data may occur [CVE-2016-6169].

A PDF file containing a specially crafted image description can cause the application to crash.

Foxit PhantomPDF is also affected.

Rocco Calvi, Kushal Arvind Shah of Fortinet's FortiGuard Labs, Bjorn Ruytenberg (via Trend Micro's Zero Day Initiative), insertscript (via Trend Micro's Zero Day Initiative), kdot (via Trend Micro's Zero Day Initiative), kdot and anonymous (via Trend Micro's Zero Day Initiative), Ke Liu of Tencent's Xuanwu LAB, Abdul-Aziz Hariri of Trend Micro Zero Day Initiative, Rocco Calvi and Steven Seeley of Source Incite (via Trend Micro's Zero Day Initiative), Steven Seeley of Source Incite (via Trend Micro's Zero Day Initiative), and Kai Lu of Fortinet's FortiGuard Labs reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can obtain potentially sensitive information on the target system.

A remote user can cause the target application to crash.

Solution:   The vendor has issued a fix (version 8.0, released in June 2016) for Foxit Reader and Foxit PhantomPDF.

The vendor's advisory is available at:

https://www.foxitsoftware.com/support/security-bulletins.php#content-2016
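To find hosts still running an affected build, the check below compares an installed version string against the figures in this alert: builds up to 7.3.4.311 are affected and 8.0 is the fixed release, so anything below 8.0 is treated as needing the update. It is an added example, not part of the original alert and not Foxit's own tooling. On Windows it also enumerates the standard Uninstall registry keys for entries whose DisplayName contains "Foxit"; that substring match and the assumption that DisplayVersion holds a dotted build number are assumptions of this example, not something the advisory states.

```python
"""Check Foxit Reader / PhantomPDF version strings against SecurityTracker alert 1036224."""
import sys
from typing import List, Tuple

# Figures taken from the alert: builds up to and including 7.3.4.311 are
# affected, and 8.0 is the release that carries the fix.
LAST_AFFECTED = "7.3.4.311"
FIXED_RELEASE = "8.0"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn a dotted version such as '7.3.4.311' into a comparable tuple.

    Parsing stops at the first component with no digits, so a suffix like
    '8.0.1.beta' still yields (8, 0, 1). Raises ValueError on junk input.
    """
    parts: List[int] = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        if not digits:
            break
        parts.append(int(digits))
    if not parts:
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the build predates the fixed release.

    Tuples compare lexicographically, so (7, 3, 4, 311) < (8, 0) while a longer
    build number such as (8, 0, 0, 624) is not flagged. Anything between
    7.3.4.311 and 8.0 is also flagged, since no fix below 8.0 is known.
    """
    return parse_version(version) < parse_version(FIXED_RELEASE)


def installed_foxit_products() -> List[Tuple[str, str]]:
    """Return (DisplayName, DisplayVersion) pairs for Foxit entries found in the
    Windows Uninstall registry keys. Returns [] on other platforms so the module
    imports cleanly anywhere. The 'Foxit' substring match is an assumption made
    for this example, not something the advisory specifies."""
    if sys.platform != "win32":
        return []
    import winreg  # only available on Windows

    uninstall_roots = [
        (winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
        (winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
        (winreg.HKEY_CURRENT_USER, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    ]
    found: List[Tuple[str, str]] = []
    for hive, path in uninstall_roots:
        try:
            root = winreg.OpenKey(hive, path)
        except OSError:
            continue
        with root:
            subkey_count = winreg.QueryInfoKey(root)[0]
            for index in range(subkey_count):
                try:
                    with winreg.OpenKey(root, winreg.EnumKey(root, index)) as entry:
                        name = str(winreg.QueryValueEx(entry, "DisplayName")[0])
                        version = str(winreg.QueryValueEx(entry, "DisplayVersion")[0])
                except OSError:
                    continue  # entry lacks one of the two values; skip it
                if "Foxit" in name:
                    found.append((name, version))
    return found


def assess(products: List[Tuple[str, str]]) -> List[Tuple[str, str, bool]]:
    """Annotate each (name, version) pair with whether it needs the 8.0 update.
    Unparseable versions are reported as affected so they get a manual look."""
    results = []
    for name, version in products:
        try:
            flagged = is_affected(version)
        except ValueError:
            flagged = True
        results.append((name, version, flagged))
    return results


if __name__ == "__main__":
    # Constructed sample inventory so the script also runs on a non-Windows host.
    sample = [("Foxit Reader", LAST_AFFECTED), ("Foxit PhantomPDF", "8.0.0.624")]
    for name, version, flagged in assess(installed_foxit_products() or sample):
        status = "UPDATE to 8.0" if flagged else "ok"
        print(f"{name:<20} {version:<12} {status}")
```

Versions are compared as integer tuples rather than strings so that, for example, 7.10 is not mistaken for a release older than 7.3; a version string that cannot be parsed is deliberately reported as affected rather than silently passed.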

Vendor URL:  www.foxitsoftware.com/support/security-bulletins.php#content-2016 (Links to External Site)
Cause:   Access control error, Boundary error
Underlying OS:  Windows (Any)

Message History:   None.


Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2018, SecurityGlobal.net LLC