Foxit Reader Remote Code Execution Vulnerability
BID:39109
Info
| Bugtraq ID: | 39109 |
| Class: | Design Error |
| CVE: | CVE-2010-1240 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 29 2010 12:00AM |
| Updated: | Jun 20 2013 09:38AM |
| Credit: | Didier Stevens |
| Vulnerable: |
Foxit Foxit Reader 3.2 0303
Foxit Foxit Reader 3.0.2009 .1301
Foxit Foxit Reader 3.2
Foxit Foxit Reader 3.1.4.1125
Foxit Foxit Reader 3.0 Build 1817
Foxit Foxit Reader 3.0 Build 1506
Foxit Foxit Reader 3.0
Adobe Reader 9.3.3
Adobe Reader 9.3.2
Adobe Reader 9.3.1
Adobe Reader 9.1.3
Adobe Reader 9.1.2
Adobe Reader 9.1.1
Adobe Reader 8.2.3
Adobe Reader 8.2.2
Adobe Reader 8.2.1
Adobe Reader 8.1.7
Adobe Reader 8.1.6
Adobe Reader 8.1.5
Adobe Reader 8.1.4
Adobe Reader 8.1.3
Adobe Reader 8.1.2
Adobe Reader 8.1.1
Adobe Reader 9.3
Adobe Reader 9.2
Adobe Reader 9.1
Adobe Reader 9
Adobe Reader 8.2
Adobe Reader 8.1.2 Security Updat
Adobe Reader 8.1
Adobe Reader 8.0
Adobe Acrobat Standard 9.3.3
Adobe Acrobat Standard 9.3.2
Adobe Acrobat Standard 9.3.1
Adobe Acrobat Standard 9.1.3
Adobe Acrobat Standard 9.1.2
Adobe Acrobat Standard 8.2.2
Adobe Acrobat Standard 8.2.1
Adobe Acrobat Standard 8.1.7
Adobe Acrobat Standard 8.1.6
Adobe Acrobat Standard 8.1.4
Adobe Acrobat Standard 8.1.3
Adobe Acrobat Standard 8.1.2
Adobe Acrobat Standard 8.1.1
Adobe Acrobat Standard 9.3
Adobe Acrobat Standard 9.2
Adobe Acrobat Standard 9.1
Adobe Acrobat Standard 9
Adobe Acrobat Standard 8.2
Adobe Acrobat Standard 8.1
Adobe Acrobat Standard 8.0
Adobe Acrobat Reader (for Linux) 9.3.3
Adobe Acrobat Reader (for Linux) 9.1.1
Adobe Acrobat Professional 9.3.3
Adobe Acrobat Professional 9.3.2
Adobe Acrobat Professional 9.3.1
Adobe Acrobat Professional 9.1.3
Adobe Acrobat Professional 9.1.2
Adobe Acrobat Professional 8.2.2
Adobe Acrobat Professional 8.2.1
Adobe Acrobat Professional 8.1.7
Adobe Acrobat Professional 8.1.6
Adobe Acrobat Professional 8.1.4
Adobe Acrobat Professional 8.1.3
Adobe Acrobat Professional 8.1.2
Adobe Acrobat Professional 8.1.1
Adobe Acrobat Professional 9.3
Adobe Acrobat Professional 9.2
Adobe Acrobat Professional 9.1
Adobe Acrobat Professional 9
Adobe Acrobat Professional 8.2
Adobe Acrobat Professional 8.1.2 Security Updat
Adobe Acrobat Professional 8.1
Adobe Acrobat Professional 8.0
Adobe Acrobat 9.3.3
Adobe Acrobat 9.3.2
Adobe Acrobat 9.3.1
Adobe Acrobat 9.1.1
Adobe Acrobat 8.2.3
Adobe Acrobat 8.2.2
Adobe Acrobat 8.1.8
Adobe Acrobat 9.3
Adobe Acrobat 9.2 |
| Not Vulnerable: |
Foxit Foxit Reader 3.2.1 0401
Adobe Reader 9.3.4
Adobe Reader 8.2.4
Adobe Acrobat Standard 9.3.4
Adobe Acrobat Professional 9.3.4
Adobe Acrobat Professional 8.2.4 |
Discussion
Foxit Reader is prone to a remote code-execution vulnerability because it fails to properly restrict access to certain functionality.
An attacker can exploit this issue by enticing a user to open a malicious PDF file.
Successful exploits may allow the attacker to execute arbitrary code or commands in the context of a user running the affected application.
The issue affects Foxit Reader 3.2.0.0303 and prior; other versions may also be affected.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting user into visiting a malicious webpage or opening a specially crafted PDF file.
The following exploits are available:
Solution / Fix
Solution:
Updates are available. Please see the references for more information.
Foxit Foxit Reader 3.0
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.0 Build 1506
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.2
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.0 Build 1817
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.1.4.1125
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.0.2009 .1301
- Foxit Foxit Reader 3.2.1: http://downloads.foxitsoftware.com/getfile.php?product=reader&version=3.2.1&language=enu&build=0401&filetype=exe&mirror=cdn01
Foxit Foxit Reader 3.2 0303
References
References:
- Adobe Security Advisory APSB10-17 (Adobe)
- Authorization Bypass When Executing An Embedded Executable (Foxit)
- Escape From PDF (Didier Stevens)
- Foxit Reader Homepage (Foxit)
- APSB10-15 Security updates available for Adobe Reader and Acrobat (Adobe)
- VU#570177 Foxit Reader vulnerable to arbitrary command execution (US-CERT)