KLA10026
OAF vulnerability in Foxit
Updated: 02/12/2015
CVSS
?
0.0
Detect date
?
05/24/2014
Severity
?
Warning
Description

An XSS vulnerability was found in Foxit Reader, Foxit Enterprise Reader and Foxit PhantomPDF. By exploiting this vulnerability malicious users can overwrite registry entries and load malicious files. This vulnerability can be exploited locally at a point related to the Recent Documents section of the Start Page.

Affected products

Foxit Reader versions 6.2.0.0429 and earlier
Foxit Enterprise Reader versions 6.2.0.0429 and earlier
Foxit PhantomPDF versions 6.2.0.0429 and earlier

Solution

Update to latest version
Foxit PDF Reader

Original advisories

Foxit bulletin

Impacts
?
OAF 
[?]
Related products
Foxit Reader
Foxit Phantom PDF Suite