
Foxit Reader bug lets attackers run malicious code via PDFs


Foxit Software, the company behind the highly popular Foxit Reader, has published security updates to fix a high-severity remote code execution (RCE) vulnerability affecting the PDF reader.

This security flaw could allow attackers to run malicious code on users’ Windows computers and, potentially, take over control.

Foxit claims to have more than 650 million users from 200 countries, with its software currently being used by over 100,000 customers.

The company’s extensive enterprise customer list contains multiple high-profile tech companies, including Google, Intel, NASDAQ, Chevron, British Airways, Dell, HP, Lenovo, and Asus.

Use after free weakness exposes users to RCE attacks

The high-severity vulnerability (tracked as CVE-2021-21822) results from a Use After Free bug found by Aleksandar Nikolic of Cisco Talos in the V8 JavaScript engine used by Foxit Reader to display dynamic forms and interactive document elements.

Successful exploitation of use after free bugs can lead to unexpected results ranging from program crashes and data corruption to the execution of arbitrary code on computers running the vulnerable software.

This security flaw is caused by how the Foxit Reader application and browser extensions handle certain annotation types, which attackers can abuse to craft malicious PDFs that will allow them to run arbitrary code via precise memory control.

“A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution,” Nikolic explained.

“An attacker needs to trick the user into opening a malicious file or site to trigger this vulnerability if the browser plugin extension is enabled.”

The vulnerability affects Foxit Reader 10.1.3.37598 and earlier versions, and it was addressed with the release of Foxit Reader 10.1.4.37651.

To defend against CVE-2021-21822 attacks, you have to download the latest Foxit Reader version and then click on “Check for Updates” in the app’s “Help” dialog.

More vulnerabilities fixed in Foxit Reader 10.1.4

Foxit fixed several other security bugs impacting previous Foxit Reader versions in the latest release, exposing users’ devices to denial of service, remote code execution, information disclosure, SQL injection, DLL hijacking, and other vulnerabilities.

The complete list of security fixes in the Foxit Reader 10.1.4 release includes:

  • Issues where the application could be exposed to Memory Corruption vulnerability and crash when exporting certain PDF files to other formats.
  • Issues where the application could be exposed to Denial of Service vulnerability and crash when handling certain XFA forms or link objects.
  • Issues where the application could be exposed to Denial of Service, Null Pointer Reference, Out-of-Bounds Read, Context Level Bypass, Type Confusion, or Buffer Overflow vulnerability and crash, which could be exploited by attackers to execute remote code.
  • Issue where the application could be exposed to Arbitrary File Deletion vulnerability due to improper access control.
  • Issue where the application could deliver incorrect signature information for certain PDF files that contained invisible digital signatures.
  • Issues where the application could be exposed to DLL Hijacking vulnerability when it was launched, which could be exploited by attackers to execute remote code by placing a malicious DLL in the specified path directory.
  • Issues where the application could be exposed to Out-of-Bounds Write/Read Remote Code Execution or Information Disclosure vulnerability and crash when handling certain JavaScripts or XFA forms.
  • Issue where the application could be exposed to Out-of-Bounds Write vulnerability when parsing certain PDF files that contain nonstandard /Size key value in the Trailer dictionary.
  • Issue where the application could be exposed to Out-of-Bounds Write vulnerability and crash when converting certain PDF files to Microsoft Office files.
  • Issues where the application could be exposed to Arbitrary File Write Remote Code Execution vulnerability when executing certain JavaScripts.
  • Issues where the application could be exposed to SQL Injection Remote Code Execution vulnerability.
  • Issue where the application could be exposed to Uninitialized Variable Information Disclosure vulnerability and crash.
  • Issues where the application could be exposed to Out-of-Bounds Read or Heap-based Buffer Overflow vulnerability and crash, which could be exploited by attackers to execute remote code or disclose sensitive information.

Two years ago, Foxit disclosed a data breach stemming from unauthorized third parties accessing the personal information of 328,549 ‘My Account’ service users, including customer and company names, emails, phone numbers, and passwords.


