- #Foxit reader keeps crashing pdf
- #Foxit reader keeps crashing software
- #Foxit reader keeps crashing free
Also, we can see that the instruction immediately following the point of the crash makes an indirect call to a controlled address. Following frames may be wrong.Ġ0 002be36c 0188dcef FoxitReader!CryptUIWizExport+0x13168dĠ1 002be3c4 0281f412 FoxitReader!CryptUIWizExport+0x13096fĠ2 002be400 0289a61d FoxitReader!FXJSE_GetClass+0x432Ġ3 002be4bc 0289a379 FoxitReader!CFXJSE_Arguments::GetValue+0x7aeedĪnalyzing the heap state clearly shows that ecx points into a freed memory region. WARNING: Stack unwind information not available.
#Foxit reader keeps crashing pdf
Opening this proof-of-concept PDF document in Foxit Reader with PageHeap enabled results in the following crash: (10d0.d68): Access violation - code c0000005 (first chance)įirst chance exceptions are reported before any exception handling. Tmp = 0 // access stale reference causes use-after-free
#Foxit reader keeps crashing free
Saving an OCG and then accessing its properties after the document is closed can trigger a use-after-free condition like in the following code: var tmp = this.getOCGs() // save reference to first OCGĪpp.activeDocs.closeDoc() // close and free objects This particular vulnerability lies in invoking the way “Optional Content Groups” are manipulated. Accessing a variable which keeps a reference to a stale object can lead to use-after-free condition. When executing embedded JavaScript code, a document can be closed, which essentially frees a lot of used objects, but the JavaScript can continue to execute. JavaScript support poses an additional attack surface. As a complete and feature-rich PDF reader, it supports JavaScript for interactive documents and dynamic forms.
It aims to have feature parity with Adobe’s Acrobat Reader. Product URLsĨ.0 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CWEįoxit PDF Reader is one of the most popular PDF document readers, and has a widespread user base.
#Foxit reader keeps crashing software
Tested Versionsįoxit Software Foxit PDF Reader 9. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.
0 kommentar(er)
