Published advisory · FOXIT-2016-XFA-UAF
Foxit Reader XFA Use-After-Free Remote Code Execution Vulnerability
CVSS severity
6.8/ 10.0 · Medium
Vulnerability analysis
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must open a malicious XFA file.
The specific flaw exists within the handling of XFA files whose layout direction is set as “lr-tb”. A Use-After-Free condition can be triggered when opening a specially crafted XFA file, which could be leveraged by attackers to execute remote code in the context of the current process.
Disclosure timeline
- Coordinated public release of advisory
References