Executive Summary
Summary | |
---|---|
Title | Foxit Reader vulnerable to arbitrary command execution |
Information | | | |
---|---|---|---|
Name | VU#570177 | First vendor Publication | 2010-04-02 |
Vendor | VU-CERT | Last vendor Modification | 2010-04-15 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Vulnerability Note VU#570177
Foxit Reader vulnerable to arbitrary command execution

Overview
Foxit Reader contains a vulnerability that may allow an attacker to execute arbitrary commands without requiring user interaction.

I. Description
Foxit Reader is software designed to view Portable Document Format (PDF) files. The Adobe PDF Reference supports a "Launch action" that "... launches an application or opens or prints a document." Foxit Reader uses the ShellExecute function to handle PDFs that use a Launch action. In some cases, Foxit Reader will not prompt the user before an application is launched with a Launch action. It is also reported that the Launch action can be used to launch an executable that is included in the PDF document, which results in arbitrary code execution.

II. Impact
By convincing a user to open a PDF document, e.g. by visiting a website, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.

III. Solution
Apply an update
This issue is addressed in Foxit Reader 3.2.1.0401. This update will cause Foxit Reader to prompt the user before using a Launch action.
References
This vulnerability was reported by Didier Stevens. This document was written by Will Dormann.
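A defender-side triage check for the Launch action the note describes, added here as an example that is not part of the CERT note, of Foxit's code, or of this site: it scans a PDF's uncompressed objects for `/S /Launch` action dictionaries, reports the `/F` launch target, whether the catalog's `/OpenAction` fires the action on open (the no-user-interaction case), and whether the file also carries an `/EmbeddedFile` stream. The two PDF fragments and the `example.exe` target are constructed inline for the demonstration.

```python
import re

# Two PDF fragments constructed for this demonstration only (not real documents):
# one whose /OpenAction points at a Launch action, and one with no action at all.
SAMPLE_LAUNCH_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
3 0 obj << /Type /Action /S /Launch /F (example.exe) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""
SAMPLE_CLEAN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj(.*?)endobj", re.S)


def _normalize_names(data: bytes) -> bytes:
    # PDF names may spell characters as #xx hex escapes, so /L#61unch is the
    # same name as /Launch; resolve them so the byte search cannot be dodged.
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)


def find_launch_actions(pdf: bytes) -> list:
    """One finding per object carrying a /S /Launch action: the object number,
    the /F target (if a literal string), whether the catalog's /OpenAction fires
    it with no click, and whether the file also carries an /EmbeddedFile stream.
    Heuristic scan of uncompressed objects; object streams are not inflated."""
    data = _normalize_names(pdf)
    has_embedded = b"/EmbeddedFile" in data
    findings = []
    for m in OBJ_RE.finditer(data):
        num, body = int(m.group(1)), m.group(3)
        if not re.search(rb"/S\s*/Launch\b", body):
            continue
        target = re.search(rb"/F\s*\(([^)]*)\)", body)
        auto_open = re.search(rb"/OpenAction\s+%d\s+\d+\s+R" % num, data)
        findings.append({"object": num, "auto_open": auto_open is not None,
                         "embedded_file": has_embedded,
                         "target": target.group(1).decode("latin-1") if target else None})
    return findings
```

Run it over inbound PDFs at a mail gateway or in a sandbox triage step; a hit with `auto_open` set, or with `embedded_file` set, is the pattern the note describes and should be quarantined for review rather than opened in an unpatched reader.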
Original Source
Url : http://www.kb.cert.org/vuls/id/570177
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:24059 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:24059 | | |
Title: | Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836 (CVE-2010-1239) | | |
Description: | Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836. | | |
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1239 | Version: | 5 |
Platform(s): | Microsoft Windows 2000, Microsoft Windows 7, Microsoft Windows Server 2003, Microsoft Windows Server 2008, Microsoft Windows Vista, Microsoft Windows XP, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows Server 2012 | Product(s): | |
Definition Synopsis: | | | |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-04-13 | Name : Foxit Reader Arbitrary Command Execution Vulnerability - File : nvt/gb_foxit_reader_code_exec_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63548 | Foxit Reader Crafted PDF File Action Launch Sequence Arbitrary Program Execution - Foxit Reader contains a flaw that may allow an attacker to execute an arbitrary executable. The issue is triggered when a specially crafted PDF file containing an embedded executable is opened with Foxit Reader. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-04-02 | Name : A PDF viewer installed on the remote host is affected by a command execution ... File : foxit_reader_3_2_1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-03-08 13:26:07 | |