1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Foxit Reader Arbitrary Code Execution

Attack: Foxit Reader Arbitrary Code Execution

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary code in the context of the application.

Additional Information

Foxit Reader is prone to an arbitrary code-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Specifically, this issue occurs because it allows an attacker to replace text chunks when processing a PNG file.

An attacker could exploit this issue to execute arbitrary code in the context of the application.

Affected

  • Foxit Reader 7.0.8 - 7.1.5 (maybe also older versions) are vulnerable;

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube