Cisco Talos researcher Aleksandar Nikolic has unearthed one of the critical vulnerabilities fixed in the latest Adobe Acrobat and Reader security updates. He is also the researcher who recently discovered 23 vulnerabilities in another popular PDF reader: Foxit.
Foxit PDF Reader is a free program for viewing, creating and editing PDF documents. It has a large user base and is commonly used as an alternative to Adobe Reader.
Foxit PDF Reader vulnerabilities
All of these vulnerabilities can be exploited to achieve arbitrary code execution via a specially crafted document that causes a previously freed object in memory to be reused.
The attacker would need to convince the user to open the malicious file to trigger any of these vulnerabilities. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
For more specific details about each of the flaws as well as PoCs, go here.
The good news is the vulnerabilities have been patched. Users are advised to update to the latest version of the software (if they haven’t already).
Cisco Talos has also released a number of Snort rules that should detect attempts to exploit these flaws.