Security Vulnerabilities fixed in Foxit Reader 10.1.4

description-logoDescription

Foxit Reader before 10.1.4 have an out-of-bounds write via a crafted /Size key in the Trailer dictionary and because the Cross-Reference table is mishandled during Office document conversion. There is also information disclosure or an application crash after mishandling the Tab key during XFA form interaction. Another issue is that it produces incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled. There are memory corruption during conversion of a PDF document to a different document format, stack consumption via recursive function calls during the handling of XFA forms or link objects, attackers to delete arbitrary files (during uninstallation) via a symlink, SQL Injection via crafted data at the end of a string, DLL hijacking, writing to arbitrary files because the extractPages pathname is not validated, and writing to arbitrary files because a CombineFiles pathname is not validated.

affected-products-logoAffected Applications

Foxit Reader