Foxit Software has released patches for 8 critical vulnerabilities in Foxit PDF Reader viewing software for Windows.
Exploiting vulnerabilities allows an attacker to remotely execute arbitrary code on target systems. Issues affect versions of Foxit Reader 9.6.0.25114 and earlier.The most serious problem is the CVE-2019-5031 vulnerability, which scored 8.8 points out of a maximum of 10 on the CVSS scale. It is related to how Foxit Reader interacts with the JavaScript engine (a program that executes JavaScript code). Foxit Reader can support JavaScript for interactive documents and dynamic forms. For example, when a user opens a PDF document, he can execute JavaScript.
Read also: Microsoft urgently fixed 0-day vulnerabilities in IE and Microsoft Defender
However, using certain versions of the JavaScript engine (version 7.5.45 and earlier in JavaScript V8) in Foxit Reader 9.4.1.16828 may lead to arbitrary code execution and denial of service. The problem is associated with the allocation of a large amount of memory as a result of launching the JavaScript engine in a vulnerable version of the software, which leads to a lack of memory and termination of the process.
“As part of an attack, a specially crafted PDF document can cause a low memory condition that is not being processed properly, which will lead to the possibility of arbitrary code execution. To exploit the vulnerability, an attacker must trick a user into opening a malicious file or visiting a malicious website with the Foxit Reader plugin enabled”, – say Foxit Software developers.
Three other critical vulnerabilities (CVE-2019-13326, CVE-2019-13327, CVE-2019-13328) have a rating of 7.8 points out of a maximum of 10 on the CVSS scale.
In all cases, exploitation of vulnerabilities allows a remote attacker to gain access to victim systems. Problems are associated with processing fields in AcroForm objects. They arise due to the lack of verification of the existence of the object before performing operations with it. An attacker could use this vulnerability to execute code in the context of the current process.
Other vulnerabilities are associated with the processing of TIF files (CVE-2019-13329), JPG files (CVE-2019-13330, CVE-2019-13331) and XFA form templates (CVE-2019-13332).
Exploiting vulnerabilities allows an attacker to remotely execute arbitrary code, however, the victim must first visit a malicious page or open a malicious file.
Solution
Update the 3D Plugin Beta to the latest versions by following one of the instructions below.
From the “Help” tab of Foxit Reader, click on “Check for Updates” and update 3D Plugin Beta to the latest version.
Click here to download the updated version of 3D Plugin Beta for Foxit Reader from our website.
