Web Attack: Foxit Reader Javascript Arbitrary File Write

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to create arbitrary files through the vulnerable 'createDataObject()' JavaScript API function in Foxit Reader.

Additional Information

Foxit Reader is an application for handling PDF files.

Foxit Reader is prone to a vulnerability that allows attackers to write or overwrite arbitrary files on a vulnerable computer. Specifically, the application's JavaScript API function 'createDataObject()' allows arbitrary files to be overwritten or created through a URI.

An attacker can exploit this issue to create or overwrite arbitrary files on the computer running the affected application. This may aid in further attacks.

Versions prior to Foxit Reader 4.3.1.0218 are vulnerable.

Affected

  • Versions prior to Foxit Reader 4.3.1.0218 are vulnerable.
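
A triage sketch for the issue described above, added here as an example; it is not Symantec's signature logic or Foxit code. It flags PDFs whose raw bytes or Flate-compressed streams call createDataObject() and checks an installed version against the fixed build; the function names, the sample PDF and the sample version string are constructed for illustration.

```python
import re
import zlib

FIXED = (4, 3, 1, 218)  # first fixed build per the page: 4.3.1.0218
API_CALL = re.compile(rb"createDataObject\s*\(([^)]{0,200})\)")
STREAM = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)

def is_affected(version: str) -> bool:
    """True when a dotted Foxit Reader version is older than 4.3.1.0218."""
    return tuple(int(p) for p in version.split(".")) < FIXED

def scan_pdf(pdf: bytes) -> list:
    """Return (location, arguments) for each createDataObject() call."""
    hits = [("raw", m.group(1).decode("latin-1")) for m in API_CALL.finditer(pdf)]
    for i, s in enumerate(STREAM.finditer(pdf)):
        try:
            # decompressobj tolerates a trailing byte lost at the stream boundary
            body = zlib.decompressobj().decompress(s.group(1))
        except zlib.error:
            continue  # not Flate data; the raw pass above already covered it
        hits += [(f"stream {i}", m.group(1).decode("latin-1"))
                 for m in API_CALL.finditer(body)]
    return hits

def sample_pdf(compress: bool) -> bytes:
    """Constructed minimal PDF-like input with a benign createDataObject call."""
    js = b'this.createDataObject("sample.txt", "constructed test data");'
    body = zlib.compress(js) if compress else js
    flt = b"/Filter /FlateDecode " if compress else b""
    return (b"%PDF-1.4\n1 0 obj\n<< /S /JavaScript /JS 2 0 R >>\nendobj\n"
            b"2 0 obj\n<< " + flt + b"/Length %d >>\nstream\n" % len(body)
            + body + b"\nendstream\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for compress in (False, True):
        print(scan_pdf(sample_pdf(compress)))
    print(is_affected("4.3.1.0100"))  # constructed version string
```

A hit only means the document calls the API; legitimate PDFs that attach data objects will also match, so treat results as a prompt for review on hosts where is_affected() is true.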

Response

Updates are available. Please see the references for more information.

Additional References
