Platform
windows
Component
foxit-reader
Fixed in
9.4.2
CVE-2019-6773 is an information disclosure vulnerability affecting Foxit Reader version 9.4.1.16828. An attacker can potentially expose sensitive information by tricking a user into visiting a malicious webpage or opening a malicious file. The vulnerability arises from insufficient validation of objects within AcroForms. The issue is resolved in Foxit Reader 9.4.2.
Successful exploitation of CVE-2019-6773 allows an attacker to disclose sensitive information stored within Foxit Reader documents. While the vulnerability requires user interaction, the potential impact is significant, as attackers could gain access to confidential data such as financial records, personal information, or proprietary business documents embedded within PDF files. The attack vector involves crafting a malicious PDF document that exploits the flawed object validation logic. This could be delivered via phishing emails, malicious websites, or compromised file shares. The blast radius is limited to users who open the malicious document with a vulnerable version of Foxit Reader.
CVE-2019-6773 was publicly disclosed on June 3, 2019. There is no indication of active exploitation campaigns targeting this vulnerability at this time. No public proof-of-concept exploits are readily available. The vulnerability is not currently listed on the CISA KEV catalog. The CVSS score of 3.3 (LOW) reflects the requirement for user interaction and the limited potential impact.
Users who rely on Foxit Reader for viewing and managing PDF documents are at risk, particularly those who frequently open PDF files from external sources or untrusted websites. Organizations with legacy systems or configurations that prevent timely software updates are also at increased risk. Shared hosting environments where users have limited control over their software versions are also vulnerable.
• windows / desktop: list running Foxit Reader processes:
Get-Process foxitreader | Select-Object ProcessName, Id, CPU
• windows / desktop: read the installed Foxit Reader version from the registry:
Get-ItemProperty -Path 'HKLM:\Software\Foxit Software\Foxit Reader' -Name Version
• windows / desktop: Check Autoruns for suspicious entries related to Foxit Reader or PDF processing.
• windows / desktop: Review Windows Defender alerts for suspicious activity related to PDF files or Foxit Reader processes.
disclosure
Exploit status
EPSS
1.01% (percentile 77%)
CVSS vector
The primary mitigation for CVE-2019-6773 is to upgrade Foxit Reader to version 9.4.2 or later. If immediate upgrading is not possible, consider implementing stricter controls on file downloads and email attachments to prevent users from opening potentially malicious PDF files. Educate users about the risks of opening untrusted documents. While a direct WAF rule is unlikely to be effective, network-level intrusion detection systems (IDS) could be configured to monitor for suspicious network traffic patterns associated with PDF file exploitation attempts. After upgrading, confirm the fix by attempting to open a known malicious PDF file (in a controlled environment) to verify that the vulnerability is no longer exploitable.
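The two registry and process checks listed above, and the "upgrade to 9.4.2 or later" mitigation, reduce to one question an administrator wants answered per host: is the installed build older than the fixed release? The script below is an added example, not part of this advisory or of Foxit's own tooling. It reuses the registry path and the process query from the page's checks; the WOW6432Node variant of that path and the fallback to the standard Windows Uninstall keys (DisplayName / DisplayVersion) are assumptions added here, as is the wildcard used to match the product name.

```powershell
# Added example (not from the advisory): report whether the installed
# Foxit Reader build predates 9.4.2, the fixed release named on this page.
$FixedVersion = [version]'9.4.2'

function Get-FoxitReaderVersion {
    # First path is the one from the advisory's own check; the WOW6432Node
    # variant is assumed here for 32-bit installs on 64-bit Windows.
    $candidates = @(
        'HKLM:\Software\Foxit Software\Foxit Reader',
        'HKLM:\SOFTWARE\WOW6432Node\Foxit Software\Foxit Reader'
    )
    foreach ($path in $candidates) {
        $item = Get-ItemProperty -Path $path -Name Version -ErrorAction SilentlyContinue
        if ($item -and $item.Version) { return [string]$item.Version }
    }
    # Assumed fallback: the standard Windows Uninstall keys, matched on a
    # hypothetical product-name wildcard.
    $uninstall = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Foxit*Reader*' } |
        Select-Object -First 1 -ExpandProperty DisplayVersion
}

function Test-FoxitReaderFixed {
    param([string]$InstalledVersion)
    # Build strings such as 9.4.1.16828 parse as [version]; a numeric
    # comparison is required, since as text '9.4.1.16828' sorts above '9.4.2'.
    try {
        $installed = [version]$InstalledVersion
    } catch {
        Write-Warning "Unparseable version string '$InstalledVersion'"
        return $null
    }
    return $installed -ge $FixedVersion
}

$installed = Get-FoxitReaderVersion
if (-not $installed) {
    Write-Output 'Foxit Reader not found in the registry on this host.'
} else {
    $fixed = Test-FoxitReaderFixed $installed
    if ($fixed -eq $true) {
        Write-Output "Foxit Reader $installed is at or above $FixedVersion (CVE-2019-6773 fixed)."
    } elseif ($fixed -eq $false) {
        Write-Output "Foxit Reader $installed predates $FixedVersion: upgrade to close CVE-2019-6773."
    }
}

# Same process check as on the page, for completeness of the host report.
Get-Process -Name foxitreader -ErrorAction SilentlyContinue |
    Select-Object ProcessName, Id, CPU
```

Run it in an elevated PowerShell session on each Windows host in scope (or push it through your endpoint management tool) and collect the output; a host reporting the affected build 9.4.1.16828 is the one to upgrade first.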
Update Foxit Reader to a version later than 9.4.1.16828. Download the latest version from the official Foxit website.
CVE-2019-6773 is a vulnerability in Foxit Reader 9.4.1.16828 that allows attackers to potentially disclose sensitive information by exploiting flawed object validation in AcroForms.
You are affected if you are using Foxit Reader version 9.4.1.16828. Upgrade to version 9.4.2 or later to mitigate the risk.
The fix is to upgrade Foxit Reader to version 9.4.2 or a later version. Ensure you download the update from a trusted source.
There is no current evidence of active exploitation campaigns targeting CVE-2019-6773, but it remains a potential risk.
Refer to the Foxit Security Bulletin for details: [https://www.foxit.com/security/bulletin/psirt-19-014](https://www.foxit.com/security/bulletin/psirt-19-014)