Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.
Attackers could exploit these vulnerabilities in the Foxit PDF Reader to carry out a variety of malicious actions, but most notably could gain the ability to execute arbitrary code on the targeted machine.
Foxit aims to have feature parity with Adobe Acrobat Reader, the most popular PDF-reading software currently on the market.
There are also browser plugins of Foxit that run in a variety of web browsers, including Google Chrome and Mozilla Firefox.
Talos' Vulnerability Research team also found an integer overflow vulnerability in the GPSd daemon, which is triggered if an attacker sends a specially crafted packet, causing the daemon to crash.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence's website.
Foxit PDF Reader contains multiple vulnerabilities that could lead to remote code execution if exploited correctly.
TALOS-2023-1837 and TALOS-2023-1839 can be exploited if an attacker embeds malicious JavaScript into a PDF, and the targeted user opens that PDF in Foxit.
These vulnerabilities can trigger the use of a previously freed object, which can lead to memory corruption and arbitrary code execution.
TALOS-2023-1838 works in the same way, but in this case, it is caused by a type confusion vulnerability.
Three other vulnerabilities could allow an attacker to create arbitrary HTA files in the context application, and eventually gain the ability to execute arbitrary code on the targeted machine.
TALOS-2023-1832, TALOS-2023-1833 and TALOS-2023-1834 are all triggered if the targeted user opens a specially crafted file in the Foxit software or browser plugin.
An integer overflow vulnerability exists in the NTRIP Stream Parsing functionality of GPS daemon, which is used to collect and display GPS information in other software.
Talos researchers recently found multiple data integrity vulnerabilities in Buildroot, a tool that automates builds of Linux environments for embedded systems.
An adversary could carry out a man-in-the-middle attack to exploit TALOS-2023-1845 and TALOS-2023-1844 to execute arbitrary code in the builder.
As a direct consequence, an attacker could then also tamper with any file generated for Buildroot's targets and hosts.
An uninitialized pointer use vulnerability exists in the functionality of WPS Office, a suite of software for word and data processing, that handles Data elements in an Excel file.
A specially crafted malformed Excel file can lead to remote code execution.
WPS Office, previously known as a Kingsoft Office, is a software suite for Microsoft Windows, macOS, Linux, iOS, Android, and HarmonyOS developed by Chinese software developer Kingsoft.
Talos disclosed this vulnerability in November despite no official fix or patch from Kingsoft after the company did not respond to our notification attempts and failed the 90-day deadline as outlined in Cisco's third-party vendor vulnerability disclosure policy.
This Cyber News was published on blog.talosintelligence.com. Publication date: Wed, 06 Dec 2023 19:43:05 +0000