HTTP: Foxit Reader and PhantonPDF XFA gotoURL Command Injection
A command injection vulnerability has been reported in the XFA component of Foxit Reader and PhantomPDF. A remote attacker could exploit this vulnerability by enticing a victim user to visit a malicious web page or open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary command under the context of the user.
Extended Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the gotoURL method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5030.
Affected Products
Foxitsoftware foxit_reader
Short Name
HTTP:STC:FOXIT-READER-CMDINJ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-10953 Command Foxit Injection PhantonPDF Reader XFA and gotoURL
Release Date
09/25/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Foxitsoftware
CVSS Score
6.8