Vulnerability discovered by Aleksandar Nikolic of Talos.
Talos has identified an information disclosure vulnerability in Foxit PDF Reader (TALOS-2016-0201 / CVE-2016-8334). While parsing JBIG2 segments within a PDF file, Foxit PDF Reader can be made to issue a wrongly bounded call to `memcpy` that reads out-of-bounds heap memory into a buffer. The `memcpy` call is properly sized, but the source is smaller than the size argument, so the memory adjacent to the source is copied into the buffer as well. That adjacent memory can contain heap metadata, addresses and pointers, which can later be reused, disclosing memory layout. Combined with another vulnerability, this information disclosure can be used to leak heap memory layout and bypass ASLR. Phishing campaigns commonly use PDF files, as malicious attachments or linked downloads, to deliver malware.
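The missing source-side bound described above, shown as an added example (not Foxit's code and not from the Talos advisory): a copy routine that validates the length against both the destination and the bytes actually present in the source. The record layout, `copy_payload`, the status codes and the sample buffers are hypothetical and constructed for illustration; the layout is not the real JBIG2 segment header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum copy_status { COPY_OK = 0, ERR_HEADER = -1, ERR_DST_SMALL = -2, ERR_SRC_SHORT = -3 };

/* Constructed record layout (NOT the real JBIG2 segment header):
 * 4-byte big-endian declared payload length, then the payload. */
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Copy the payload of the record at `off` into dst.
 * The length is validated against BOTH buffers before memcpy runs. */
enum copy_status copy_payload(const uint8_t *buf, size_t buf_len, size_t off,
                              uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (off > buf_len || buf_len - off < 4)
        return ERR_HEADER;                /* no room for the length field */

    size_t declared = be32(buf + off);
    size_t remaining = buf_len - off - 4; /* bytes really present in the source */

    if (declared > dst_cap)
        return ERR_DST_SMALL;             /* size does not fit the destination */
    if (declared > remaining)
        return ERR_SRC_SHORT;             /* source shorter than size: over-read case */

    memcpy(dst, buf + off + 4, declared);
    *out_len = declared;
    return COPY_OK;
}

/* Constructed samples: one honest record, one declaring 64 bytes but carrying 3. */
static const uint8_t SAMPLE_OK[]    = { 0, 0, 0, 3, 'a', 'b', 'c' };
static const uint8_t SAMPLE_SHORT[] = { 0, 0, 0, 64, 'a', 'b', 'c' };

int main(void)
{
    uint8_t dst[128];
    size_t n = 0;
    int ok  = copy_payload(SAMPLE_OK, sizeof SAMPLE_OK, 0, dst, sizeof dst, &n);
    int bad = copy_payload(SAMPLE_SHORT, sizeof SAMPLE_SHORT, 0, dst, sizeof dst, &n);
    return (ok == COPY_OK && bad == ERR_SRC_SHORT) ? 0 : 1;
}
```

Without the `ERR_SRC_SHORT` check, the second sample would pass the destination test (64 fits in 128) and `memcpy` would read 61 bytes beyond the end of the source.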
Cisco Systems Inc. published this content on 18 October 2016 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 18 October 2016 18:33:08 UTC.
Original document: http://blogs.cisco.com/security/talos/vulnerability-spotlight-foxit-pdf-jbig2
Public permalink: http://www.publicnow.com/view/B1433900E0871DAE4AE8BB6418B8B84BFEBEEF18