Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Foxit Reader Multiple Vulnerabilities October 2019
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Foxit Reader and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws exist due to, - An unexpected error or out-of-memory in V8 Engine when executing certain JavaScript. - An error within the processing of fields within Acroform objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. - An error exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. - An error exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. - An error exists within the parsing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. - An error exists within the processing of templates in XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. - An error when parsing certain file data due to the access of null pointer without proper validation. - The nested calling of functions when parsing XML files. - The dereference of null pointer.
Affected Software
Affected Software
Foxit Reader version 9.6.0.25114 and earlier on Windows.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Foxit Reader 9.7 or later. Please see the references for more information.