KLA11125
Multiple vulnerabilities in Foxit Reader
Обновлено: 31/10/2017
Дата обнаружения
21/10/2017
Уровень угрозы
Warning
Описание

Multiple buffer overflow vulnerabilities have been found in Foxit Reader. Malicious users can exploit these vulnerabilities locally via specially designed .xps file to cause a denial of service or execute arbitrary code.


Technical details

This vulnerabilities are related to:

  1. «Data from Faulting Address controls subsequent Write Address starting at frdvpr_drv!DrvQueryDriverInfo+0x000000000002c851.»;
  2. «Data from Faulting Address controls subsequent Write Address starting at msvcrt!memmove+0x0000000000000158.».
Пораженные продукты

Foxit Reader version 8.3.2.25013

Решение

Update to the latest version

Первичный источник обнаружения
CVE-2017-15771
CVE-2017-15770
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
Foxit Reader