Zero-Day Vulnerabilities discovered in Foxit PDF Reader
Two critical zero-day vulnerabilities have been disclosed in Foxit Reader that let an attacker execute arbitrary code on the victim's machine, provided the software's Safe Reading Mode has been switched off.
The first, CVE-2017-10951, was discovered by researcher Ariele Caltabiano and is a command injection bug in the reader's app.launchURL JavaScript function; the second, CVE-2017-10952, was discovered by Steven Seeley of Offensive Security and is an arbitrary file write in the saveAs JavaScript function. Both are triggered by JavaScript embedded in the document, which is why Safe Reading Mode, which stops the reader from running such scripts, prevents exploitation.
To exploit either bug, the attacker has to craft a malicious PDF, deliver it to the target (for example as an email attachment) and persuade them to open it.
Foxit has not patched either vulnerability and has said it does not plan to, arguing that Safe Reading Mode, which is enabled by default in Foxit Reader, already stops the attack. That mitigation holds only while the setting stays on: a user who disables it, or is talked into disabling it, is fully exposed.
Users are advised to confirm that Safe Reading Mode is still enabled (in Foxit Reader it is under File > Preferences > Trust Manager) and to be cautious with PDF attachments from untrusted senders.
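As an added illustration of the delivery path described above (this is not code from the article or from Foxit): both bugs are reached through JavaScript carried inside the PDF, which is exactly the content Safe Reading Mode refuses to run, so a mail gateway or an analyst can triage attachments by looking for that active content before anyone opens them. The Python script below does that at the byte level: it undoes hex-escaped PDF names, inflates FlateDecode streams and flags the dictionary keys and reader API calls listed at the top. The key list, the three sample PDFs and the report layout are constructed for this example; the two API names are the ones the public advisories attribute to CVE-2017-10951 (app.launchURL) and CVE-2017-10952 (saveAs).

```python
import re
import zlib

# Dictionary keys that let a PDF carry code or act without a click
# (list chosen for this example; a production tool would cover more).
ACTIVE_CONTENT_KEYS = (b"JavaScript", b"JS", b"OpenAction", b"AA", b"Launch")
# Reader JavaScript calls worth flagging: app.launchURL (CVE-2017-10951)
# and saveAs (CVE-2017-10952).
SUSPICIOUS_API_CALLS = (b"app.launchURL", b"saveAs")


def decode_name_escapes(data: bytes) -> bytes:
    """Undo /J#61vaScript style hex escapes so a disguised key cannot slip past."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def inflate_streams(data: bytes) -> bytes:
    """Append the inflated body of each FlateDecode stream to the scan buffer.

    Heuristic, not a PDF parser: only /FlateDecode is handled, the stream
    length comes from the nearest direct /Length entry, and object streams
    (/ObjStm) are not unpacked.
    """
    pieces = [data]
    for m in re.finditer(rb"<<(.*?)>>\s*stream\r?\n", data, re.S):
        head = decode_name_escapes(m.group(1))
        if b"/FlateDecode" not in head:
            continue
        start = m.end()
        # Direct lengths only; "/Length 7 0 R" (indirect) is skipped.
        lengths = re.findall(rb"/Length\s+(\d+)\b(?!\s+\d+\s+R)", head)
        if lengths:
            end = start + int(lengths[-1])
        else:
            end = data.find(b"endstream", start)  # fallback may include trailing EOL
            if end == -1:
                continue
        try:
            pieces.append(zlib.decompress(data[start:end]))
        except zlib.error:
            pass  # corrupt or mislabelled stream; keep scanning the rest
    return b"\n".join(pieces)


def scan_pdf(data: bytes) -> dict:
    """Triage one PDF and report the active content it carries."""
    buf = decode_name_escapes(inflate_streams(data))
    keys = [
        k.decode() for k in ACTIVE_CONTENT_KEYS
        if re.search(rb"/" + k + rb"(?![A-Za-z0-9])", buf)  # whole name, not /AAPL
    ]
    calls = [c.decode() for c in SUSPICIOUS_API_CALLS if c in buf]
    return {
        "active_content": sorted(keys),
        "api_calls": sorted(calls),
        "runs_on_open": bool({"OpenAction", "AA"} & set(keys)),
        "verdict": "suspicious" if keys or calls else "clean",
    }


# Constructed samples for this example (not real malicious files).
BENIGN_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# Calls app.launchURL as soon as the document is opened.
OPENACTION_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
4 0 obj << /S /JavaScript /JS (app.launchURL("http://example.invalid/", true);) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""


def build_obfuscated_sample() -> bytes:
    """Constructed sample: the script sits in a Flate stream behind a
    hex-escaped /JavaScript name and a page /AA trigger, so a plain grep
    for "/JavaScript" misses it."""
    body = zlib.compress(b"this.saveAs('report.pdf');")
    header = (
        b"%PDF-1.4\n"
        b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
        b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
        b"3 0 obj << /Type /Page /Parent 2 0 R /AA << /O 5 0 R >> >> endobj\n"
        b"5 0 obj << /S /J#61vaScript /JS 6 0 R >> endobj\n"
        b"6 0 obj << /Length " + str(len(body)).encode() + b" /Filter /FlateDecode >>\nstream\n"
    )
    return header + body + b"\nendstream\nendobj\ntrailer << /Root 1 0 R >>\n%%EOF\n"


if __name__ == "__main__":
    for name, pdf in (("benign", BENIGN_PDF), ("openaction", OPENACTION_PDF),
                      ("obfuscated", build_obfuscated_sample())):
        print(name, scan_pdf(pdf))
```

This is grep-level triage, not a parser: cross-reference streams, object streams and filters other than Flate are not unpacked, so a "clean" verdict is a weak signal while "suspicious" is a strong one. It complements, rather than replaces, keeping Safe Reading Mode switched on.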