CVE-2012-4337 - Memory Corruption vulnerability in Foxit Reader

CVSS 9.3 - CRITICAL
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE
Tags: network, foxitsoftware, microsoft, critical, nessus

Summary

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.

Nessus

NASL family: Windows
NASL id: FOXIT_READER_5_3.NASL
description: The version of Foxit Reader installed on the remote Windows host is prior to 5.3. It is, therefore, affected by a memory corruption issue due to the calculation of a negative number during the processing of cross-references. An attacker can exploit this, by tricking a user into opening a crafted PDF file, to execute arbitrary code with the user's privileges.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 62063
published: 2012-09-12
reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/62063
title: Foxit Reader < 5.3 Cross-References RCE
code:
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(62063);
  script_version("1.6");
  script_cvs_date("Date: 2018/07/11 17:09:26");

  script_cve_id("CVE-2012-4337");
  script_bugtraq_id(55150);
  script_xref(name:"MSVR", value:"MSVR12-013");

  script_name(english:"Foxit Reader < 5.3 Cross-References RCE");
  script_summary(english:"Checks the version of Foxit Reader.");

  script_set_attribute(attribute:"synopsis", value:
"A PDF viewer installed on the remote host is affected by a remote code
execution vulnerability.");
  script_set_attribute(attribute:"description",  value:
"The version of Foxit Reader installed on the remote Windows host is
prior to 5.3. It is, therefore, affected by a memory corruption issue
due to the calculation of a negative number during the processing of
cross-references. An attacker can exploit this, by tricking a user
into opening a crafted PDF file, to execute arbitrary code with the
user's privileges.");
  script_set_attribute(attribute:"see_also", value:"https://www.foxitsoftware.com/support/security-bulletins.php");
  script_set_attribute(attribute:"see_also", value:"https://www.foxitsoftware.com/company/press.php?id=257");
  script_set_attribute(attribute:"solution",  value:
"Upgrade to Foxit Reader version 5.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  
  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:foxitsoftware:foxit_reader");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");

  script_dependencies("foxit_reader_installed.nasl");
  script_require_keys("installed_sw/Foxit Reader");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

app = "Foxit Reader";
install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE);
version = install["version"];
path    = install["path"];

report = NULL;

fixed_version = "5.3";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)
{
  port = get_kb_item("SMB/transport");
  if (!port)
    port = 445;

  report =
    '\n  Path              : ' + path +
    '\n  Installed version : ' + version +
    '\n  Fixed version     : ' + fixed_version + '\n';

  security_report_v4(port:port, extra:report, severity:SECURITY_HOLE);
  exit(0);
}
else
  audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);

Seebug

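bulletinFamily: exploit
description: BUGTRAQ ID: 55150. CVE ID: CVE-2012-4337. Foxit Reader is a small PDF document viewer and printing program. A security vulnerability exists in how Foxit Reader 5.1.4.0104 and earlier versions parse PDF files; it can be exploited to corrupt memory, execute arbitrary code, and take control of the user's system. Foxit Foxit Reader 5.x. Vendor patch: Foxit. The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.foxitsoft.com/wac/server_intro.php
id: SSV:60347
last seen: 2017-11-19
modified: 2012-08-26
published: 2012-08-26
reporter: Root
title: Foxit Foxit Reader 5.x unspecified memory corruption vulnerability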