9.3 - VU#119747

Executive Summary

Summary
Title	Foxit Reader buffer overflow vulnerability

Informations
Name	VU#119747	First vendor Publication	2008-05-27
Vendor	VU-CERT	Last vendor Modification	2008-05-27
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#119747

Foxit Reader buffer overflow vulnerability

Overview

Foxit Reader contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code.

I. Description

Foxit Reader is a PDF reader that is available on multiple operating systems.

From the Secuia Research advisoryFoxit Reader "util.printf()" Buffer Overflow:

ecunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF file.

To exploit this vulnerability an attacker would have to persuade a user to open a specially crafted PDF file. The malicious PDF could be hosted on a web page or sent via email.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code.

III. Solution

Foxit Reader version 2.3 build 2912 was released to address this issue.

Do not open untrusted PDF files

Do not open unfamiliar or unexpected PDF attachments. Users can convert PDF documents to text or HTML by using search engine features or other hosted PDF rendering services.

Systems Affected

Vendor	Status	Date Updated
Foxit Software Company	Vulnerable	27-May-2008

References

http://secunia.com/advisories/29941/
http://www.adobe.com/devnet/pdf/pdf_reference.html
http://www.google.com/help/features.html#pdf

Credit

This vulnerability was published by Dyon Balding from Secunia Research.

This document was written by Ryan Giobbi.

Other Information

Date Public	05/20/2008
Date First Published	05/27/2008 03:46:18 PM
Date Last Updated	05/27/2008
CERT Advisory
CVE Name	CVE-2008-1104
US-CERT Technical Alerts
Metric	1.69
Document Revision	21

Original Source

Url : http://www.kb.cert.org/vuls/id/119747

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Foxitsoftware Foxit Reader cpe:2.3:a:foxitsoftware:foxit_reader:2.3:::::::* cpe:2.3:a:foxitsoftware:foxit_reader:2.2:::::::* cpe:2.3:a:foxitsoftware:foxit_reader:2.0:::::::* cpe:2.3:a:foxitsoftware:foxit_reader::::::::	4

Open Source Vulnerability Database (OSVDB)

Id	Description
45351	Foxit Reader util.printf() Function PDF File Handling Overflow

Nessus® Vulnerability Scanner

Date	Description
2008-05-20	Name : A PDF viewer installed on the remote host is affected by a remote code execut... File : foxit_reader_2_3_2912.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2016-03-08 13:26:07	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	4
osvdb(s)	1
Nessus® Exploit(s)	1

	Related
9.3	CVE-2008-1104
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)