First published: Thu May 17 2018(Updated: )
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA Button elements. When parsing arguments passed to the resetData method, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5618.
Credit: zdi-disclosures@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Foxit Reader | <=9.0.1.1049 | |
Foxit PhantomPDF | <=9.0.1.1049 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-9957 has a high severity rating due to its ability to allow remote code execution.
To remediate CVE-2018-9957, update Foxit Reader or PhantomPDF to version 9.0.1.1050 or later.
CVE-2018-9957 affects Foxit Reader and PhantomPDF versions up to and including 9.0.1.1049.
CVE-2018-9957 allows remote attackers to execute arbitrary code on the affected installations by tricking the user into interacting with a malicious file.
Yes, user interaction is required as the victim must either visit a malicious page or open a malicious file.