Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code

Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability was found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. 

Given the memory corruption vulnerability, attackers could execute arbitrary code on the machine that is the target of their attack. 

Additionally, three vulnerabilities were discovered in Veertu’s Anka Build, a software suite used for testing macOS or iOS applications in CI/CD environments, which could potentially compromise the security of the testing environment.

Foxit PDF Reader has been identified with a critical use-after-free vulnerability, which malicious actors could exploit to execute arbitrary code on a targeted system. 

The vulnerability can be exploited if a user opens a specially crafted PDF file or visits a malicious website while the Foxit PDF Reader browser extension is enabled.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Attackers can exploit the vulnerability to corrupt memory and gain control of the device that is affected by the vulnerability by manipulating the JavaScript content of the PDF.

Within the G Structured File Library (libgsf) that is part of the GNOME project, there have been discovered two critical vulnerabilities that have the potential to result in remote code execution. 

These vulnerabilities, TALOS-2024-2068 (CVE-2024-36474) and TALOS-2024-2069 (CVE-2024-42415), arise from integer overflows during array index manipulation and sector allocation table processing, respectively. 

In order to take advantage of these vulnerabilities, an attacker could entice a user to open a file that has been maliciously crafted, which would allow the attacker to potentially gain unauthorized access to the system.

Three critical vulnerabilities have been identified in Veertu’s Anka Build software, where two of these vulnerabilities are directory traversal issues (TALOS-2024-2059 and TALOS-2024-2061) that could allow an attacker to access unauthorized files by sending specially crafted HTTP requests. 

By taking advantage of a software update mechanism, a low-privileged user could potentially gain root access through a vulnerability known as TALOS-2024-2060, which is a privilege escalation vulnerability. 

According to Ciso Talos, users of Anka Build are currently exposed to significant security risks as a result of these vulnerabilities, which require immediate attention in order to prevent any potential exploitation.

Strategies to Protect Websites & APIs from Malware Attack => Free Webinar