Foxit Reader - COM Objects Memory Corruption Remote Code Execution

EDB-ID:

10204

CVE:

N/A

EDB Verified:

Author:

mrx

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2009-11-19

Vulnerable App: 
Bugtraq ID: 36673

Published: Oct 14 2009 12:00AM
Updated: Nov 19 2009 03:25PM
Credit: mrx
Vulnerable: Foxit Reader 3.1.1 Build 0928
Foxit Foxit Reader 3.0.2009 1301
Foxit Foxit Reader 3.0 Build 1817
Foxit Foxit Reader 3.0 Build 1506
Foxit Foxit Reader 3.0


Foxit Reader is prone to a remote code-execution vulnerability because is fails to properly handle certain COM objects.

An attacker can exploit this issue by supplying a malicious PDF file or webpage. Successful exploits may allow the attacker to execute arbitrary code in the context of a user running the affected application. Failed attempts will likely result in denial-of-service conditions. 

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33283.tar (2009-11-22-36668.tar)
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services