Signature Detail

HTTP: Foxit Reader Escape From PDF Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Foxit Reader, a PDF file viewer. A successful attack can lead to arbitrary code execution.

Extended Description

Foxit Reader is prone to a remote code-execution vulnerability because it fails to properly restrict access to certain functionality. An attacker can exploit this issue by enticing a user to open a malicious PDF file. Successful exploits may allow the attacker to execute arbitrary code or commands in the context of a user running the affected application. The issue affects Foxit Reader 3.2.0.0303 and prior; other versions may also be affected.

Affected Products

• Adobe Acrobat 8.1.5
• Adobe Acrobat 8.2.2
• Adobe Acrobat 8.2.3
• Adobe Acrobat 9.1.1
• Adobe Acrobat 9.2
• Adobe Acrobat 9.3
• Adobe Acrobat 9.3.1
• Adobe Acrobat 9.3.2
• Adobe Acrobat 9.3.3
• Adobe Acrobat 9.3.3
• Adobe Acrobat Professional 8.0
• Adobe Acrobat Professional 8.1
• Adobe Acrobat Professional 8.1.1
• Adobe Acrobat Professional 8.1.2
• Adobe Acrobat Professional 8.1.2 Security Update 1
• Adobe Acrobat Professional 8.1.3
• Adobe Acrobat Professional 8.1.4
• Adobe Acrobat Professional 8.1.6
• Adobe Acrobat Professional 8.1.7
• Adobe Acrobat Professional 8.2
• Adobe Acrobat Professional 8.2.1
• Adobe Acrobat Professional 8.2.2
• Adobe Acrobat Professional 9
• Adobe Acrobat Professional 9.1
• Adobe Acrobat Professional 9.1.2
• Adobe Acrobat Professional 9.1.3
• Adobe Acrobat Professional 9.2
• Adobe Acrobat Professional 9.3
• Adobe Acrobat Professional 9.3.1
• Adobe Acrobat Professional 9.3.2
• Adobe Acrobat Professional 9.3.3
• Adobe Acrobat Reader (for Linux) 9.1.1
• Adobe Acrobat Reader (for Linux) 9.3.3
• Adobe Acrobat Standard 8.0
• Adobe Acrobat Standard 8.1
• Adobe Acrobat Standard 8.1.1
• Adobe Acrobat Standard 8.1.2
• Adobe Acrobat Standard 8.1.3
• Adobe Acrobat Standard 8.1.4
• Adobe Acrobat Standard 8.1.6
• Adobe Acrobat Standard 8.1.7
• Adobe Acrobat Standard 8.2
• Adobe Acrobat Standard 8.2.1
• Adobe Acrobat Standard 8.2.2
• Adobe Acrobat Standard 9
• Adobe Acrobat Standard 9.1
• Adobe Acrobat Standard 9.1.2
• Adobe Acrobat Standard 9.1.3
• Adobe Acrobat Standard 9.2
• Adobe Acrobat Standard 9.3
• Adobe Acrobat Standard 9.3.1
• Adobe Acrobat Standard 9.3.2
• Adobe Acrobat Standard 9.3.3
• Adobe Reader 8.0
• Adobe Reader 8.1
• Adobe Reader 8.1.1
• Adobe Reader 8.1.2
• Adobe Reader 8.1.2 Security Update 1
• Adobe Reader 8.1.3
• Adobe Reader 8.1.4
• Adobe Reader 8.1.5
• Adobe Reader 8.1.6
• Adobe Reader 8.1.7
• Adobe Reader 8.2
• Adobe Reader 8.2.1
• Adobe Reader 8.2.2
• Adobe Reader 8.2.3
• Adobe Reader 9
• Adobe Reader 9.1
• Adobe Reader 9.1.1
• Adobe Reader 9.1.2
• Adobe Reader 9.1.3
• Adobe Reader 9.2
• Adobe Reader 9.3
• Adobe Reader 9.3.1
• Adobe Reader 9.3.2
• Adobe Reader 9.3.3
• Foxit Foxit Reader 3.0
• Foxit Foxit Reader 3.0.2009.1301
• Foxit Foxit Reader 3.0 Build 1506
• Foxit Foxit Reader 3.0 Build 1817
• Foxit Foxit Reader 3.1.4.1125
• Foxit Foxit Reader 3.2
• Foxit Foxit Reader 3.2.0.0303

References

• BugTraq: 39109
• CVE: CVE-2010-1240
• URL: http://blog.didierstevens.com/2010/04/06/update-escape-from-pdf/