HTTP: Foxit Reader JavaScript XFA Use After Free

This signature detects attempts to exploit a use-after-free vulnerability that has been reported in Foxit Reader. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.

Extended Description

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can cause a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

Affected Products

Foxit pdf_reader

References

BugTraq: 103942

CVE: CVE-2018-3850

Short Name
HTTP:STC:FOXIT-XFA-UAF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2018-3850 Foxit Free JavaScript Reader Use XFA bid:103942
Release Date
09/11/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3730
False Positive
Unknown
Vendors

Foxit

CVSS Score

6.8
