
Foxit Reader - vulnerability with launching a PDF executable without warnings

Didier Stevens reports that Foxit Reader handles the PDF format's built-in command launch mechanism (/Launch /Action) insecurely: an executable embedded in a PDF file can be run without any prompt and without exploiting any vulnerability.



This can lead to a wave of spam carrying malicious programs embedded in PDF files, which will start without warning when opened in Foxit Reader.

Foxit Reader downloaded from the site launched cmd.exe from the provided PoC without any warnings.

It is recommended not to use Foxit Reader until the patch is released.

I recall that according to the F-Secure report in 2009, almost half of targeted attacks were attacks using PDF files.
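For triage of incoming PDF attachments, the /Launch action described above can be detected by name. The following is an added example, not code from the original post or from Didier Stevens: it counts risky name objects, undoing `#xx` hex escapes in names and also looking inside Flate-compressed streams. The list of flagged names, the function names and the sample fragments are assumptions of this example.

```python
import re
import zlib

# Name objects worth flagging when triaging a PDF (selection is this example's).
RISKY_NAMES = ("Launch", "OpenAction", "AA", "EmbeddedFile", "JavaScript")
# A name is "/" followed by regular characters (no whitespace or delimiters).
NAME_RE = re.compile(rb"/([^\x00\t\n\f\r ()<>\[\]{}/%]+)")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.S)

def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes so that /La#75nch compares equal to /Launch."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})",
                   lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")

def inflate_streams(data: bytes):
    """Yield the contents of every stream that inflates as zlib/Flate data."""
    for m in STREAM_RE.finditer(data):
        try:
            # decompressobj tolerates the end-of-line left before "endstream"
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue  # other filter, encrypted or damaged: not handled here

def scan_pdf(data: bytes) -> dict:
    """Count risky names in the raw bytes and inside inflatable streams."""
    counts = {name: 0 for name in RISKY_NAMES}
    for blob in (data, *inflate_streams(data)):
        for m in NAME_RE.finditer(blob):
            name = decode_name(m.group(1))
            if name in counts:
                counts[name] += 1
    return counts

def has_launch_action(data: bytes) -> bool:
    return scan_pdf(data)["Launch"] > 0

# Constructed fragments (not complete PDF files), for demonstration only.
PLAIN = b"1 0 obj\n<< /Type /Action /S /Launch /F (sample.exe) >>\nendobj\n"
ESCAPED = PLAIN.replace(b"/Launch", b"/La#75nch")
PACKED = (b"2 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
          + zlib.compress(PLAIN) + b"\nendstream\nendobj\n")
BENIGN = b"3 0 obj\n<< /Type /Page /Contents 4 0 R >>\nendobj\n"

if __name__ == "__main__":
    for label, sample in [("plain", PLAIN), ("escaped", ESCAPED),
                          ("packed", PACKED), ("benign", BENIGN)]:
        print(label, has_launch_action(sample))
```

A hit means the file deserves a closer look, not that it is malicious; streams that are encrypted or use filters other than Flate are not inspected by this sketch.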

Source: https://habr.com/ru/post/89478/

