Foxit.Reader.Font.Format.Buffer.Overflow
Description
This indicates an attack attempt to exploit a remote code-execution vulnerability
in Foxit Reader.
The vulnerability is due to the vulnerable software's inability to properly handle malformed Compact Font Format (CFF) data within a PDF document. It can be exploited via a crafted PDF file, leading to remote code execution.
Affected Products
Foxit Reader version 4.1.0.0726
Windows Vista Ultimate - sp0 (i386)
Foxit Reader version 4.1.0.0726
Windows Vista Ultimate - sp1 (i386)
Foxit Reader version 4.1.0.0726
Windows Vista Ultimate - sp2 (i386)
Foxit Reader version 4.1.0.0726
Windows XP Professional - sp2 (i386)
Foxit Reader version 4.1.0.0726
Windows XP Professional - sp3 (i386)
Foxit Reader version 4.1.0.0726
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's website for the suggested workaround:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-02 | 16.972 |