Cyber Security News

Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code

Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability was found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. 

Given the memory corruption vulnerability, attackers could execute arbitrary code on the machine that is the target of their attack. 

Additionally, three vulnerabilities were discovered in Veertu’s Anka Build, a software suite used for testing macOS or iOS applications in CI/CD environments, which could potentially compromise the security of the testing environment.

Foxit PDF Reader has been identified with a critical use-after-free vulnerability, which malicious actors could exploit to execute arbitrary code on a targeted system. 

The vulnerability can be exploited if a user opens a specially crafted PDF file or visits a malicious website while the Foxit PDF Reader browser extension is enabled.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Attackers can exploit the vulnerability to corrupt memory and gain control of the device that is affected by the vulnerability by manipulating the JavaScript content of the PDF.

Within the G Structured File Library (libgsf) that is part of the GNOME project, there have been discovered two critical vulnerabilities that have the potential to result in remote code execution. 

These vulnerabilities, TALOS-2024-2068 (CVE-2024-36474) and TALOS-2024-2069 (CVE-2024-42415), arise from integer overflows during array index manipulation and sector allocation table processing, respectively. 

In order to take advantage of these vulnerabilities, an attacker could entice a user to open a file that has been maliciously crafted, which would allow the attacker to potentially gain unauthorized access to the system.

Three critical vulnerabilities have been identified in Veertu’s Anka Build software, where two of these vulnerabilities are directory traversal issues (TALOS-2024-2059 and TALOS-2024-2061) that could allow an attacker to access unauthorized files by sending specially crafted HTTP requests. 

By taking advantage of a software update mechanism, a low-privileged user could potentially gain root access through a vulnerability known as TALOS-2024-2060, which is a privilege escalation vulnerability. 

According to Ciso Talos, users of Anka Build are currently exposed to significant security risks as a result of these vulnerabilities, which require immediate attention in order to prevent any potential exploitation.

Strategies to Protect Websites & APIs from Malware Attack => Free Webinar

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…

1 day ago

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…

2 days ago

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the initial…

2 days ago

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store, which…

2 days ago

Lazarus Hackers Using New VNC Based Malware To Attack Organizations Worldwide

The Lazarus Group has recently employed a sophisticated attack, dubbed "Operation DreamJob," to target employees…

2 days ago

New Python NodeStealer Attacking Facebook Business To Steal Login Credentials

NodeStealer, initially a JavaScript-based malware, has evolved into a more sophisticated Python-based threat that targets…

2 days ago