Multiple vulnerabilities in Foxit Reader

Описание

Multiple serious vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An use-after-free vulnerability in Format event of the ComboBox fields can be exploited remotely via malicious website or file to execute arbitrary code;
2. An use-after-free vulnerability in the handling of the resetForm method can be exploited remotely via malicious website or file to execute arbitrary code;
3. An use-after-free vulnerability in the handling of the setFocus method can be exploited remotely via malicious website or file to execute arbitrary code;
4. Multiple out-of-bounds read vulnerabilities in ConvertToPDF_x86.dll can be exploited remotely via malicious website or file to obtain sensitive information;
5. An out-of-bounds write vulnerability in ConvertToPDF_x86.dll can be exploited remotely via malicious website or file to execute arbitrary code;
6. A type confusion vulnerability in the addAdLayer method can be exploited remotely via malicious website or file to execute arbitrary code;
7. A type confusion vulnerability in the addAnnot method can be exploited remotely via malicious website or file to execute arbitrary code;
8. A type confusion vulnerability in the addField method can be exploited remotely via malicious website or file to execute arbitrary code;
9. A type confusion vulnerability in the addPageOpenJSMessage method can be exploited remotely via malicious website or file to execute arbitrary code;
10. A type confusion vulnerability in the calculateNow method can be exploited remotely via malicious website or file to execute arbitrary code;
11. A type confusion vulnerability in the closeDoc method can be exploited remotely via malicious website or file to execute arbitrary code;
12. A type confusion vulnerability in the convertTocPDF method can be exploited remotely via malicious website or file to execute arbitrary code;
13. A type confusion vulnerability in the exportAsFDF method can be exploited remotely via malicious website or file to execute arbitrary code;
14. A type confusion vulnerability in the exportAsXFDF method can be exploited remotely via malicious website or file to execute arbitrary code;
15. A type confusion vulnerability in the exportDataObject method can be exploited remotely via malicious website or file to execute arbitrary code;
16. A type confusion vulnerability in the getAnnot method can be exploited remotely via malicious website or file to execute arbitrary code;
17. A type confusion vulnerability in the getDataBObject method can be exploited remotely via malicious website or file to execute arbitrary code;
18. A type confusion vulnerability in the getField method can be exploited remotely via malicious website or file to execute arbitrary code;
19. A type confusion vulnerability in the getIcon method can be exploited remotely via malicious website or file to execute arbitrary code;
20. A type confusion vulnerability in the getLinks method can be exploited remotely via malicious website or file to execute arbitrary code;
21. A type confusion vulnerability in the getNthFieldName method can be exploited remotely via malicious website or file to execute arbitrary code;
22. A type confusion vulnerability in the getOCGs method can be exploited remotely via malicious website or file to execute arbitrary code;
23. A type confusion vulnerability in the getPageBox method can be exploited remotely via malicious website or file to execute arbitrary code;
24. A type confusion vulnerability in the getPageNthWord method can be exploited remotely via malicious website or file to execute arbitrary code;
25. A type confusion vulnerability in the getPageNthWordQuads method can be exploited remotely via malicious website or file to execute arbitrary code;
26. A type confusion vulnerability in the getPageRotation method can be exploited remotely via malicious website or file to execute arbitrary code;
27. A type confusion vulnerability in the getTemplate method can be exploited remotely via malicious website or file to execute arbitrary code;
28. A type confusion vulnerability in the getURL method can be exploited remotely via malicious website or file to execute arbitrary code;
29. A type confusion vulnerability in the getVersionID method can be exploited remotely via malicious website or file to execute arbitrary code;
30. A type confusion vulnerability in the importAnFDF method can be exploited remotely via malicious website or file to execute arbitrary code;
31. A type confusion vulnerability in the importAnXFDX method can be exploited remotely via malicious website or file to execute arbitrary code;
32. A type confusion vulnerability in the importDataObject method can be exploited remotely via malicious website or file to execute arbitrary code;
33. A type confusion vulnerability in the importTextData method can be exploited remotely via malicious website or file to execute arbitrary code;
34. A type confusion vulnerability in the mailForm method can be exploited remotely via malicious website or file to execute arbitrary code;
35. A type confusion vulnerability in the print method can be exploited remotely via malicious website or file to execute arbitrary code;
36. A type confusion vulnerability in the removeDataObject method can be exploited remotely via malicious website or file to execute arbitrary code;
37. A type confusion vulnerability in the removeField method can be exploited remotely via malicious website or file to execute arbitrary code;
38. A type confusion vulnerability in the removeIcon method can be exploited remotely via malicious website or file to execute arbitrary code;
39. A type confusion vulnerability in the removeTemplate method can be exploited remotely via malicious website or file to execute arbitrary code;
40. A type confusion vulnerability in the scroll method can be exploited remotely via malicious website or file to execute arbitrary code;
41. A type confusion vulnerability in the spawnPageFromTemplate method can be exploited remotely via malicious website or file to execute arbitrary code;
42. A type confusion vulnerability in the submitForm method can be exploited remotely via malicious website or file to execute arbitrary code;
43. A type confusion vulnerability in the mailDoc method can be exploited remotely via malicious website or file to execute arbitrary code;
44. A type confusion vulnerability in the getPageNumWords method can be exploited remotely via malicious website or file to execute arbitrary code;
45. A type confusion vulnerability in the resetForm method can be exploited remotely via malicious website or file to execute arbitrary code;
46. An arbitrary file write vulnerability in the exportAsFDF XFA function can be exploited remotely via malicious website or file to execute arbitrary code;
47. An arbitrary file write vulnerability in the exportData XFA function can be exploited remotely via malicious website or file to execute arbitrary code;
48. An uninitialized pointer vulnerability in the handling of FlateDecode streams can be exploited remotely via malicious website or file to execute arbitrary code;
49. An use-after-free vulnerability in the highlightMode attribute can be exploited remotely via malicious website or file to execute arbitrary code;
50. An use-after-free vulnerability in the handling of the newDoc function can be exploited remotely via malicious website or file to execute arbitrary code;
51. A type confusion vulnerability in the handling of the oneOfChild attribute can be exploited remotely via malicious website or file to execute arbitrary code;
52. A type confusion vulnerability in the handling of arguments passed to the mailDoc function can be exploited remotely via malicious website or file to execute arbitrary code;
53. A type confusion vulnerability in the handling of arguments passed to the instanceManager.nodes.append function can be exploited remotely via malicious website or file to execute arbitrary code;
54. A type confusion vulnerability in the handling of arguments passed to the setFocus function can be exploited remotely via malicious website or file to execute arbitrary code;
55. An out-of-bound read vulnerability in the parsing of PDF documents can be exploited remotely via malicious website or file to obtain sensitive information;
56. A heap-based buffer overflow vulnerability in the parsing of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
57. An use-after-free vulnerability in the addAnnot function while parsing of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
58. An use-after-free vulnerability in the createTemplate function while parsing of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
59. An use-after-free vulnerability in the setAction function while parsing of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
60. An use-after-free vulnerability in the processing of FileAttachment annotations can be exploited remotely via malicious website or file to execute arbitrary code;
61. An integer overflow vulnerability in the handling of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
62. An use-after-free vulnerability in the borderEffectStyle function while processing of Circle annotations can be exploited remotely via malicious website or file to execute arbitrary code;
63. An use-after-free vulnerability in the processing of FreeText annotations can be exploited remotely via malicious website or file to execute arbitrary code;
64. An use-after-free vulnerability in the processing of Ink annotations can be exploited remotely via malicious website or file to execute arbitrary code;
65. An use-after-free vulnerability in the processing of Line annotations can be exploited remotely via malicious website or file to execute arbitrary code;
66. An use-after-free vulnerability inthe processing of Polygon annotations can be exploited remotely via malicious website or file to execute arbitrary code;
67. An use-after-free vulnerability in the processing of Sound annotations can be exploited remotely via malicious website or file to execute arbitrary code;
68. An use-after-free vulnerability in the processing of Square annotations can be exploited remotely via malicious website or file to execute arbitrary code;
69. An use-after-free vulnerability in the processing of StrikeOut annotations can be exploited remotely via malicious website or file to execute arbitrary code;
70. An use-after-free vulnerability in the processing of Text annotations can be exploited remotely via malicious website or file to execute arbitrary code;
71. An use-after-free vulnerability in the processing of PolyLine annotations can be exploited remotely via malicious website or file to execute arbitrary code;
72. An use-after-free vulnerability in the processing of button objects can be exploited remotely via malicious website or file to execute arbitrary code;
73. An use-after-free vulnerability in the processing of Link objects can be exploited remotely via malicious website or file to execute arbitrary code;
74. An use-after-free vulnerability in the handling of the valueAsString function can be exploited remotely via malicious website or file to execute arbitrary code;
75. An use-after-free vulnerability in the handling of the SeedValue Generic Object parameter provided to the signatureSetSeedValue function can be exploited remotely via malicious website or file to execute arbitrary code;
76. An use-after-free vulnerability in the handling of events can be exploited remotely via malicious website or file to execute arbitrary code;
77. A type confussion vulnerability in the handling of XFA events can be exploited remotely via malicious website or file to execute arbitrary code;
78. An use-after-free vulnerability in the handling of the exportAsFDF function can be exploited remotely via malicious website or file to execute arbitrary code;
79. A type confusion vulnerability in the handling of PDF files can be exploited remotely via malicious website or file to execute arbitrary code;
80. Multiple use-after-free vulnerabilities in the handling of annotations can be exploited remotely via malicious website or file to execute arbitrary code;
81. An out-of-bounds read vulnerability in the processing of PDF documents can be exploited remotely via malicious website or file to obtain sensitive information;
82. Multiple type confusion vulnerabilities in the processing of PDF documents can be exploited remotely via malicious website or file to execute arbitrary code;
83. Multiple use-after-free vulnerabilities in the the JavaScript engine can be exploited remotely via malicious website or file to execute arbitrary code;

Первичный источник обнаружения

• Security updates available in Foxit Reader 9.2 and Foxit PhantomPDF 9.2
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Foxit-Reader
• Foxit-Phantom-PDF

Список CVE

• CVE-2018-11617
  high
• CVE-2018-11618
  high
• CVE-2018-11619
  high
• CVE-2018-11620
  warning
• CVE-2018-11621
  warning
• CVE-2018-11622
  high
• CVE-2018-11623
  high
• CVE-2018-14241
  high
• CVE-2018-14242
  high
• CVE-2018-14243
  high
• CVE-2018-14244
  high
• CVE-2018-14245
  high
• CVE-2018-14246
  high
• CVE-2018-14247
  high
• CVE-2018-14248
  high
• CVE-2018-14249
  high
• CVE-2018-14250
  high
• CVE-2018-14251
  high
• CVE-2018-14252
  high
• CVE-2018-14253
  high
• CVE-2018-14254
  high
• CVE-2018-14255
  high
• CVE-2018-14256
  high
• CVE-2018-14257
  high
• CVE-2018-14258
  high
• CVE-2018-14259
  high
• CVE-2018-14260
  high
• CVE-2018-14261
  high
• CVE-2018-14262
  high
• CVE-2018-14263
  high
• CVE-2018-14264
  high
• CVE-2018-14265
  high
• CVE-2018-14266
  high
• CVE-2018-14267
  high
• CVE-2018-14268
  high
• CVE-2018-14269
  high
• CVE-2018-14270
  high
• CVE-2018-14271
  high
• CVE-2018-14272
  high
• CVE-2018-14273
  high
• CVE-2018-14274
  high
• CVE-2018-14275
  high
• CVE-2018-14276
  high
• CVE-2018-14277
  high
• CVE-2018-14278
  high
• CVE-2018-14279
  high
• CVE-2018-14280
  high
• CVE-2018-14281
  high
• CVE-2018-14282
  high
• CVE-2018-14283
  high
• CVE-2018-14284
  high
• CVE-2018-14285
  high
• CVE-2018-14286
  high
• CVE-2018-14287
  high
• CVE-2018-14288
  high
• CVE-2018-14289
  warning
• CVE-2018-14290
  high
• CVE-2018-14291
  high
• CVE-2018-14292
  high
• CVE-2018-14293
  high
• CVE-2018-14294
  high
• CVE-2018-14295
  high
• CVE-2018-14296
  high
• CVE-2018-14297
  high
• CVE-2018-14298
  high
• CVE-2018-14299
  high
• CVE-2018-14300
  high
• CVE-2018-14301
  high
• CVE-2018-14302
  high
• CVE-2018-14303
  high
• CVE-2018-14304
  high
• CVE-2018-14305
  high
• CVE-2018-14306
  high
• CVE-2018-14307
  high
• CVE-2018-14308
  high
• CVE-2018-14309
  high
• CVE-2018-14310
  high
• CVE-2018-14311
  high
• CVE-2018-14312
  high
• CVE-2018-14313
  high
• CVE-2018-14314
  high
• CVE-2018-14315
  high
• CVE-2018-14316
  warning
• CVE-2018-14317
  high
• CVE-2018-3924
  high
• CVE-2018-3939
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com