平台
windows
组件
foxit-reader
修复版本
9.4.16812
CVE-2019-6758 is an information disclosure vulnerability affecting Foxit Reader versions 9.4.16811. This flaw allows remote attackers to potentially expose sensitive information if a user visits a malicious page or opens a malicious file. A fix is available in version 9.4.16812, and users are strongly encouraged to upgrade.
The primary impact of CVE-2019-6758 is the potential disclosure of sensitive information. While the vulnerability is rated as LOW severity, the ability to extract data from a user's system can be significant, particularly if the data includes confidential documents, credentials, or other sensitive information. The vulnerability resides within the ConvertToPDF_x86.dll component, suggesting that PDF conversion processes are a key area of concern. An attacker could potentially chain this information disclosure with other vulnerabilities to escalate privileges or gain further access to the system, though this is not explicitly stated in the description.
CVE-2019-6758 was reported to ZDI (ZDI-CAN-7701) and subsequently publicly disclosed. There is no indication of active exploitation campaigns or KEV listing at the time of writing. Public proof-of-concept exploits are not widely available, which contributes to the LOW CVSS score. The vulnerability was published on 2019-06-03.
Organizations and individuals who rely on Foxit Reader for PDF viewing and editing are at risk. This includes users who frequently handle sensitive documents or operate in environments with a high risk of targeted attacks. Users who have not updated their Foxit Reader installations are particularly vulnerable.
• windows / supply-chain:
Get-Process foxitreader | Select-Object ProcessName, Path, CPU• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='Foxit Reader']]]" -MaxEvents 10• windows / supply-chain: Check Autoruns for suspicious entries related to Foxit Reader or ConvertToPDF_x86.dll using Sysinternals Autoruns.
disclosure
漏洞利用状态
EPSS
0.24% (47% 百分位)
CVSS 向量
The primary mitigation for CVE-2019-6758 is to upgrade Foxit Reader to version 9.4.16812 or later. If upgrading is not immediately feasible, consider implementing stricter controls on file downloads and website access to minimize the risk of exposure to malicious content. Educate users about the risks of opening attachments from untrusted sources. While no specific WAF rules or detection signatures are readily available, monitoring network traffic for unusual PDF conversion activity could provide an early warning sign. After upgrading, confirm the fix by attempting to open a known malicious PDF file (in a controlled environment) to verify that the information disclosure is no longer possible.
将Foxit Reader更新到9.4.16811之后的版本。从Foxit官方网站下载最新版本。
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2019-6758 is a LOW severity information disclosure vulnerability in Foxit Reader 9.4.16811 that allows attackers to potentially expose sensitive data if a user opens a malicious file or visits a malicious page.
If you are using Foxit Reader version 9.4.16811, you are affected by this vulnerability. Upgrade to version 9.4.16812 or later to mitigate the risk.
The fix is to upgrade Foxit Reader to version 9.4.16812 or a later version. Download the latest version from the official Foxit Reader website.
There is no current evidence of active exploitation campaigns targeting CVE-2019-6758, but it is still important to apply the patch to prevent potential future attacks.
Refer to the Foxit Reader security advisory for details: [https://www.foxit.com/security/bulletins/pdf-sdk-information-disclosure-vulnerability](https://www.foxit.com/security/bulletins/pdf-sdk-information-disclosure-vulnerability)