HTTP: Foxit Reader and PhantomPDF Text Field fileSelect Use After Free

This signature detects attempts to exploit a known vulnerability in Foxit Reader and PhantomPDF. A successful attack can lead to arbitrary code execution.

Extended Description

In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Affected Products

Foxitsoftware foxit_reader

Short Name: HTTP:STC:DL:FOXIT-FILSELECT-UAF
Severity: Minor
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: After CVE-2020-13548 Field Foxit Free PhantomPDF Reader Text Use and fileSelect
Release Date: 04/12/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3373
False Positive: Unknown
Vendors

Foxitsoftware

CVSS Score

6.8
