Platform
windows
Component
foxit-reader
CVE-2019-6772 is an information disclosure vulnerability affecting Foxit Reader versions 2019.010.20098 and prior. This flaw, located within the AcroForms removeField method, can be exploited by an attacker to potentially disclose sensitive information and, in conjunction with other vulnerabilities, execute code. The vulnerability requires user interaction to trigger, typically through visiting a malicious page or opening a malicious file. A patch is available from Foxit.
Successful exploitation of CVE-2019-6772 allows an attacker to potentially disclose sensitive information stored within AcroForms. While the vulnerability description mentions the possibility of code execution, it explicitly states this requires leveraging the flaw in conjunction with other vulnerabilities. The primary risk is the exposure of data contained within forms, which could include personally identifiable information (PII), financial details, or confidential business data. The attack vector involves tricking a user into opening a malicious PDF file or visiting a webpage containing a crafted PDF. The potential for code execution elevates the risk, as a successful combined attack could lead to complete system compromise.
CVE-2019-6772 was publicly disclosed on June 3, 2019. There is no indication of active exploitation campaigns targeting this specific vulnerability. Public proof-of-concept (PoC) code is not widely available, which reduces the immediate risk. The CVSS score of 3.3 (LOW) reflects the requirement for user interaction and the limited potential impact. This vulnerability is not listed on the CISA KEV catalog.
Users who rely on Foxit Reader to view PDF documents, particularly those who frequently open PDFs from external or untrusted sources, are at risk. Organizations with legacy systems running older, unpatched versions of Foxit Reader are also vulnerable. Shared hosting environments where multiple users access the same Foxit Reader installation are particularly susceptible.
• windows / supply-chain:
  Get-Process foxitreader | Select-Object -ExpandProperty Path
• windows / supply-chain:
  Get-WinEvent -FilterHashtable @{LogName='Application'; Id=1000; ProviderName='FoxitReader'} | Where-Object { $_.Message -match 'CVE-2019-6772' }
• generic web:
  curl -I https://example.com/malicious.pdf | grep -i 'acroform'
Exploit status: disclosure
EPSS: 0.24% (47th percentile)
CVSS vector:
The primary mitigation for CVE-2019-6772 is to upgrade to a patched version of Foxit Reader. Foxit has released a fix to address this vulnerability. If immediate patching is not possible, consider implementing temporary workarounds such as disabling JavaScript within Foxit Reader or restricting users from opening PDF files from untrusted sources. Network administrators should monitor network traffic for suspicious PDF files and implement strict file type filtering. After upgrading, confirm the fix by attempting to open a known malicious PDF file (in a test environment) and verifying that the vulnerability is no longer triggered.
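The process check above only reports where Foxit Reader runs from; the following added script (not part of this advisory) goes a step further and compares the file version of each Foxit Reader binary it finds against the last affected release, 2019.010.20098. It assumes the executable is named FoxitReader.exe under the usual Program Files paths and that its FileVersion string starts with a dotted numeric version; adjust both for your estate.

```powershell
# Added example, not from the advisory: flag Foxit Reader installs at or below
# the last affected version for CVE-2019-6772.
$LastAffected = [version]'2019.010.20098'   # System.Version accepts the leading zero

# Assumed install locations (not from the advisory); extend as needed.
$Candidates = @(
    "$env:ProgramFiles\Foxit Software\Foxit Reader\FoxitReader.exe",
    "${env:ProgramFiles(x86)}\Foxit Software\Foxit Reader\FoxitReader.exe"
)

# Also pick up any running instance, as the advisory's Get-Process check does.
$Running = Get-Process -Name foxitreader -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty Path -Unique

foreach ($Path in ($Candidates + $Running | Where-Object { $_ } | Select-Object -Unique)) {
    if (-not (Test-Path $Path)) { continue }

    $Fv = (Get-Item $Path).VersionInfo.FileVersion
    # FileVersion may carry a non-numeric suffix; keep only the leading dotted numbers.
    $Clean = ($Fv -split '[^0-9.]')[0]
    try {
        $v = [version]$Clean
    } catch {
        Write-Warning "Unparseable FileVersion '$Fv' at $Path"
        continue
    }

    $Status = if ($v -le $LastAffected) { 'AFFECTED (CVE-2019-6772)' } else { 'patched' }
    [pscustomobject]@{ Path = $Path; FileVersion = $Fv; Status = $Status }
}
```

Run it after the upgrade as well: every reported path should show "patched" before the workarounds in the paragraph above are rolled back.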
Update Foxit Reader to a version later than 2019.010.20098 to fix the vulnerability. Download the latest version from the official Foxit website.
CVE-2019-6772 is a vulnerability in Foxit Reader 2019.010.20098 that allows attackers to potentially disclose sensitive information through a flaw in the AcroForms removeField method. User interaction is required.
You are affected if you are using Foxit Reader version 2019.010.20098 or earlier. Upgrade to a patched version to mitigate the risk.
Upgrade to the latest patched version of Foxit Reader. Check the Foxit website for available updates and installation instructions.
There is no current evidence of active exploitation campaigns targeting CVE-2019-6772, but the potential for exploitation remains.
Refer to the official Foxit security advisory for detailed information and updates: [https://www.foxit.com/security/bulletins/pdf-sdk-vulnerability-may-2019.html](https://www.foxit.com/security/bulletins/pdf-sdk-vulnerability-may-2019.html)