Fortinet Discovers Foxit PhantomPDF/Reader Arbitrary Application Execution Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered an Arbitrary Application Execution vulnerability in Foxit PhantomPDF and Reader.
Foxit PhantomPDF provides a cost-effective solution for business professionals to work securely with PDF documents and forms. It provides a full-featured platform to view, create, edit, collaborate on, share, secure, organize, export, and sign PDFs. PhantomPDF is available in two editions: Standard and Business. Foxit Reader is a free PDF reader.
An Arbitrary Application Execution vulnerability has been discovered in Foxit PhantomPDF and Reader. The vulnerability exists because users can embed an executable file in a PDF file. Attackers can exploit it to spread malware by embedding the malware in a PDF file. When a victim opens the file, the embedded malware can be executed.
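As an added example (not part of Fortinet's advisory and not Foxit code), the following Python check shows one way to triage PDF files for attachments that begin with an executable file signature before the files reach users. The function names and the sample bytes are constructed for illustration, and it assumes attachments are plain stream objects tagged /Type /EmbeddedFile, stored raw or with /FlateDecode.

```python
import re
import zlib

# Assumption: attachments are ordinary stream objects tagged /Type /EmbeddedFile,
# stored raw or with /FlateDecode. Object streams and encryption are not handled.
_OBJ_RE = re.compile(rb"(\d+)\s+\d+\s+obj\b(.*?)\bendobj", re.DOTALL)
_STREAM_RE = re.compile(rb"(.*?)stream\r?\n(.*)endstream", re.DOTALL)
_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}  # executable file signatures


def find_embedded_executables(pdf_bytes):
    """Return [(object_number, verdict)] for suspicious embedded-file streams."""
    hits = []
    for obj in _OBJ_RE.finditer(pdf_bytes):
        number, parts = int(obj.group(1)), _STREAM_RE.match(obj.group(2))
        if not parts or not re.search(rb"/Type\s*/EmbeddedFile\b", parts.group(1)):
            continue  # not a stream object, or not an attachment
        data = parts.group(2)
        if b"/FlateDecode" in parts.group(1):
            try:
                # decompressobj tolerates the end-of-line bytes before "endstream"
                data = zlib.decompressobj().decompress(data)
            except zlib.error:
                hits.append((number, "undecodable stream"))  # flag for manual review
                continue
        for magic, name in _MAGIC.items():
            if data.startswith(magic):
                hits.append((number, name))
    return hits


def build_sample_pdf():
    """Constructed sample: PDF-like bytes with one fake PE and one text attachment."""
    exe = zlib.compress(b"MZ\x90\x00" + b"\x00" * 60)  # header bytes only, not a program
    txt = b"plain text attachment"
    return b"".join([
        b"%PDF-1.7\n",
        b"1 0 obj\n<< /Type /Catalog /Names << /EmbeddedFiles 2 0 R >> >>\nendobj\n",
        b"3 0 obj\n<< /Type /EmbeddedFile /Filter /FlateDecode >>\nstream\n",
        exe, b"\nendstream\nendobj\n",
        b"4 0 obj\n<< /Type /EmbeddedFile >>\nstream\n",
        txt, b"\nendstream\nendobj\n",
        b"%%EOF\n",
    ])


if __name__ == "__main__":
    print(find_embedded_executables(build_sample_pdf()))
```

A hit is a reason to quarantine the file for inspection, not proof of malice, and a clean result does not rule out attachments stored in forms this check does not parse.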
Solutions
Users should apply the solution provided by Foxit Software.
Timeline
Fortinet reported the vulnerability to Foxit on March 20, 2018.
Foxit patched the vulnerability on April 19, 2018.