Beschreibung
Multiple serious vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service and obtain sensitive information.
Below is a complete list of vulnerabilities:
- An use-after-free vulnerability in the AFParseDateEx function can be exploited remotely to execute arbitrary code;
- An out-of-bounds read vulnerability in the PDF file parsing can be exploited remotely to btain sensitive information;
- An out-of-bounds read vulnerability in the ObjStm objects parsing can be exploited remotely to btain sensitive information;
- An use-after-free vulnerability in the app.alert function can be exploited remotely to execute arbitrary code;
- A potential use-before-initialization vulnerabilitythe gotoURL method can be exploited to execute arbitrary code.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2017-10953 critical
- CVE-2017-10994 critical
- CVE-2017-10941 critical
- CVE-2017-10942 critical
- CVE-2017-10943 critical
- CVE-2017-10944 critical
- CVE-2017-10945 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!