Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Foxit to disclose these vulnerabilities and ensure that an update is available.
For more information on this vulnerability, read the complete advisory here.
There are also four use-after-free vulnerabilities. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger these vulnerabilities. For more information on these, check out their respective advisories.
Talos tested and confirmed that these vulnerabilities affect Foxit PDF Reader, version 10.1.0.37527.
The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 51949, 51950, 56053, 56054, 56063 - 56066, 56122, 56123
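To confirm that a sensor actually has the rules listed above enabled, the following added example (not Talos or Snort project code) expands the published SID list and checks it against a rules file. It assumes one rule per line and that disabled rules are commented out with `#`; the sample rule bodies are constructed placeholders, not the real rule content.

```python
import re

# SID list exactly as published in the advisory above.
ADVISORY_SIDS = "51949, 51950, 56053, 56054, 56063 - 56066, 56122, 56123"

# Constructed sample rules file: placeholder bodies, not real Talos rules.
SAMPLE_RULES = """\
alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"constructed A"; sid:51949; rev:1;)
# alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"constructed B"; sid:51950; rev:1;)
alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"constructed C"; sid:56063; rev:2;)
alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"unrelated"; sid:1000001; rev:1;)
"""

SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")

def expand_sids(text):
    """Expand a list such as '51949, 56063 - 56066' into sorted integers."""
    sids = set()
    for part in text.split(","):
        part = part.strip()
        if not part:
            continue
        bounds = [int(x) for x in re.split(r"\s*-\s*", part)]
        lo, hi = bounds[0], bounds[-1]
        if lo > hi:
            raise ValueError(f"reversed SID range: {part!r}")
        sids.update(range(lo, hi + 1))
    return sorted(sids)

def coverage(rules_text, wanted):
    """Classify each wanted SID as enabled, disabled (commented out) or missing."""
    enabled, disabled = set(), set()
    for line in rules_text.splitlines():
        stripped = line.strip()
        match = SID_RE.search(stripped)
        if not match:
            continue
        sid = int(match.group(1))
        (disabled if stripped.startswith("#") else enabled).add(sid)
    wanted = set(wanted)
    return {
        "enabled": sorted(wanted & enabled),
        "disabled": sorted((wanted & disabled) - enabled),
        "missing": sorted(wanted - enabled - disabled),
    }

if __name__ == "__main__":
    for state, sids in coverage(SAMPLE_RULES, expand_sids(ADVISORY_SIDS)).items():
        print(f"{state}: {sids}")
```

To check a real sensor, pass the contents of its rules file in place of `SAMPLE_RULES`; SIDs reported as disabled or missing are the ones to enable or update.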