Foxit Software has released patches for dozens of high-severity flaws impacting its PDF reader and editor platforms. The most severe of the bugs, which exist on Windows versions of the software, enable a remote attacker to execute arbitrary code on vulnerable systems. Overall, Foxit Software patched flaws tied to 20 CVEs in Foxit Reader and Foxit PhantomPDF (versions 9.1 and earlier) for Windows.

Foxit Reader is popular PDF software – with a user base of over 500 million for its free version – that provides tools for creating, signing and securing PDF files. PhantomPDF, meanwhile, enables users to convert different file formats to PDF. In addition to millions of users for its branded software, major corporations such as Amazon, Google and Microsoft license Foxit Software technology, opening up its threat landscape even more.

“There are several bugs that could result in remote code execution,” Dustin Childs, manager at Trend Micro’s Zero Day Initiative (ZDI), told Threatpost. “All of these should be considered critical.”

The high-severity flaws in Foxit Reader enable RCE; they are fixed in Foxit Reader version 9.7.2. In an attack scenario for these flaws, “user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file,” according to a Trend Micro ZDI vulnerability analysis. Included are vulnerabilities (CVE-2020-10899, CVE-2020-10907) within the processing of XFA templates, a template embedded in PDFs that allows for fillable fields. The issues both result from the lack of validating the existence of an object prior to performing operations on that object. Researchers also found an RCE flaw (CVE-2020-10900) in the way AcroForms are processed. An attacker can leverage both flaws to execute code in the context of the current process. AcroForms are PDF files that contain form fields.

Finally, a flaw (CVE-2020-10906) was addressed in the resetForm method within Foxit Reader PDFs. The bug exists because the AcroForms do not validate an object’s existence prior to performing operations on that object.

PhantomPDF also patched several high-severity flaws, which impact versions 9.1 and earlier; users are urged to update to PhantomPDF version 9.7.2. Childs said the most severe of these are two flaws in PhantomPDF’s API communication (CVE-2020-10890 and CVE-2020-10892). PhantomPDF API calls are necessary for creating PDFs from other document types. The issue here is that there’s no check for an object prior to performing operations on the object, opening the process up to an RCE attack. These flaws stem from the handling of the ConvertToPDF command and the CombineFiles command, which allow an arbitrary file write with attacker-controlled data.

“CVE-2020-10890 and CVE-2020-10892 stand out as they are relatively easy to exploit,” Childs told Threatpost. “They are very straightforward and don’t require massaging or spraying memory to be successful.”

Two other high-severity flaws (CVE-2020-10912, CVE-2020-10912) stem from the handling of the SetFieldValue command, which are set by the API calls.