SecurityTracker.com
Category: Application (Generic) > Foxit Reader
Vendors: Foxit Software

Foxit Reader Multiple Flaws Let Remote Users Execute Arbitrary Code, Deny Service, and Obtain Potentially Sensitive Information

SecurityTracker Alert ID: 1040733
SecurityTracker URL: http://securitytracker.com/id/1040733
CVE Reference: CVE-2017-14458, CVE-2017-17557, CVE-2018-3842, CVE-2018-3843, CVE-2018-3850, CVE-2018-3853, CVE-2018-10302, CVE-2018-10303
Updated: May 25 2018
Original Entry Date: Apr 20 2018
Impact: Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 8.3.5.30351 and prior 8.x; 9.0.1.1049 and prior 9.x
Description: Multiple vulnerabilities were reported in Foxit Reader. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause denial of service conditions on the target system. A remote user can obtain potentially sensitive information on the target system.

A remote user can place a specially crafted DLL file in the directory from which the application loads a DLL to exploit a DLL loading error. When the target user launches the application, arbitrary code will be executed on the target user's system.

A remote user can create a specially crafted PDF file that, when loaded by the target user in a browser via Microsoft Word, will trigger a COM object handling error and cause the target application to crash.

A remote user can create a specially crafted file that, when loaded by the target user, will trigger an error in GoToE & GoToR Actions and run arbitrary executable applications on the target system.

A remote user can create a specially crafted PDF file with an embedded executable file that, when loaded by the target user, will run arbitrary executable applications on the target system.

A remote user can create a specially crafted file that, when loaded by the target user when not in Safe-Reading-Mode, will trigger an out-of-bounds memory read error in the _JP2_Codestream_Read_SOT() function and access potentially sensitive information on the target user's system.

A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system.

A heap overflow may occur [CVE-2017-17557].

A use-after-free memory error may occur [CVE-2017-14458].

An uninitialized memory error may occur when using the Uint32Array object or member variables in PrintParams or m_pCurContex objects [CVE-2018-3842].

An out-of-bounds memory read and write error may occur.

A type confusion error may occur when executing certain XFA functions.

A use-after-free memory error may occur [CVE-2018-3850, CVE-2018-3853, CVE-2018-10302, CVE-2018-10303].

A type confusion error may occur [CVE-2018-3843].

Ye Yint Min Thu htut, Steven Seeley (mr_me) of Source Incite, willJ of Tencent PC Manager (via Trend Micro's Zero Day Initiative), Add of MeePwn (via Trend Micro's Zero Day Initiative), Aleksandar Nikolic of Cisco Talos, bit from meepwn team (via Trend Micro's Zero Day Initiative), Phil Blankenship of Cerberus Security (via Trend Micro's Zero Day Initiative), Sudhakar Verma and Ashfaq Ansari of Project Srishti (via Trend Micro's Zero Day Initiative), soiax (via Trend Micro's Zero Day Initiative), Anonymous (via Trend Micro's Zero Day Initiative), Assaf Baharav of Threat Response Research Team, Anurudh, and Fortinet's FortiGuard Labs reported these vulnerabilities.

Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can cause the target application to crash.

A remote user can obtain potentially sensitive information on the target system.

Solution: The vendor has issued a fix (8.3.6, 9.1).

The vendor advisory is available at:

https://www.foxitsoftware.com/support/security-bulletins.php#content-2018

Vendor URL: www.foxitsoftware.com/support/security-bulletins.php#content-2018
Cause: Access control error, Boundary error
Underlying OS: Windows (Any)

Message History: None.
