Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: I'll have PDF with another slice of PDF please. - SANS Internet Storm Center SANS ISC InfoSec Forums


I'll have PDF with another slice of PDF please.

Well, hot on the heels of Microsoft Patch Tuesday comes, as we now know, Adobe Patch Tuesday.

Guy has already kindly alerted us to the ColdFusion vulnerability announced in apsa13-01, but we also need to highlight apsa13-02, which was also released on the 8th.

This covers a huge number of CVEs (27, if you need to know), most of which "could" lead to code execution through a variety of bug classes, including use-after-free and integer, heap and stack overflows.

However, as we know, "other PDF readers are available", and Foxit is quite often what security-minded people have installed. Also announced this week, though, is an as-yet-unpatched vulnerability discovered by Andrea Micalizzi in Foxit Reader 5.x and the Foxit Reader 2.x Plugin, for which exploit code is publicly available. It has reportedly been tested against Foxit Reader version 5.4.4.1128, which is the version available for download as of today.

 

Stephen

89 Posts
ISC Handler
- https://secunia.com/advisories/51733/
Release Date: 2013-01-08
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
... vulnerability is confirmed in version 5.4.4.1128 (npFoxitReaderPlugin.dll version 2.2.1.530). Other versions may also be affected...

.
Jack

160 Posts
Does enabling the safe reading setting under trust manager within Foxit Reader mitigate this latest vulnerability?
Trask

1 Posts
Foxit has always been vulnerable. I've never viewed it as a viable substitute for the Adobe Reader.
Trask
57 Posts
