Vulnerability CVE-2018-9958


Published: 2018-05-17

Description:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620.

See advisories in our WLB2 database:
Topic
Author
Date
High
Foxit Reader 9.0.1.1049 remote code execution PoC
mr_me
25.06.2018

Type:

CWE-416

(Use After Free)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Foxitsoftware -> Foxit reader 
Foxitsoftware -> Phantom pdf 
Foxitsoftware -> Phantompdf 

 References:
https://www.exploit-db.com/exploits/44941/
https://www.exploit-db.com/exploits/45269/
https://www.foxitsoftware.com/support/security-bulletins.php
https://zerodayinitiative.com/advisories/ZDI-18-342

Copyright 2024, cxsecurity.com

 

Back to Top