KLA12437 Multiple vulnerabilities in Foxit PDF Reader

Multiple vulnerabilities were found in Foxit PDF Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. Heap buffer overflow vulnerability can be exploited to execute arbitrary code.
2. NULL pointer dereference vulnerability can be exploited to cause denial of service.
3. Security bypass vulnerability in iManage 10 plugin’s logging function can be exploited via special crafted configuration file to obtain sensitive information or cause denial of service.
4. Use after free vulnerability can be exploited remotely to cause denial of service or execute arbitrary code.
5. Memory corruption vulnerability in JavaScript can be exploited remotely to cause denial of service.
6. Out of bounds read/write vulnerability can be exploited remotely via special crafted files to execute arbitrary code.
7. Use after free vulnerability can be exploited remotely to execute arbitrary code.
8. Use after free or out of bounds read vulnerability in JavaScript API can be exploited remotely via special crafted PDF files to cause denial of service or execute arbitrary code.
9. Uncontrolled search path element privilege escalation vulnerability can be exploited via special crafted DLL files to gain privileges.
10. Stack based buffer overflow vulnerability can be exploited remotely via special crafted XFA file to cause denial of service.
11. Array Out-of-Bounds vulnerability can be exploited remotely via special crafted PDF files to cause denial of service or execute arbitrary code.

Original advisories

Security updates available in Foxit PDF Reader 11.2.1 and Foxit PDF Editor 11.2.1

Related products

Foxit-Reader

Foxit-Reader-Enterprise

CVE list

CVE-2021-44708 critical

CVE-2021-44709 critical

CVE-2021-44741 high

CVE-2021-44740 high

CVE-2018-1285 critical

CVE-2021-40420 critical

CVE-2022-22150 critical

CVE-2022-24907 critical

CVE-2022-24363 critical

CVE-2022-24366 critical

CVE-2022-24908 critical

CVE-2022-24357 critical

CVE-2022-24358 critical

CVE-2022-24360 critical

CVE-2022-24359 critical

CVE-2022-24365 critical

CVE-2022-24362 critical

CVE-2022-24367 critical

CVE-2022-24369 critical

CVE-2022-24361 critical

CVE-2022-24364 critical

CVE-2022-24955 critical

CVE-2022-24954 critical

CVE-2022-24368 high

CVE-2022-24971 critical

CVE-2022-25108 high

Solution

Update to the latest version

Download Foxit Reader

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Foxit PDF Reader earlier than 11.2.1.53537