02 October 18, 13:49
Quote:All of the 18 vulnerabilities found by Cisco Talos, as well as many others fixed by this update, are labeled as critical because they could lead to code execution. This would allow attackers to create specially crafted web pages or PDFs that could exploit these vulnerabilities to execute commands or install malware on vulnerable computers. Of the 18 vulnerabilities disclosed by Cisco, 12 of them could be exploited simply by visiting a web site when the Foxit PDF browser plugin is enabled.
Foxit suggests that all users of Foxit PDF Reader and Foxit PhantomPDF upgrade to version 9.3 to resolve these vulnerabilities. Foxit PDF Reader 9.3 can be downloaded here and Foxit PhantomPDF can be downloaded here. It is strongly suggested that all users install this update.
The full list of patched vulnerabilities is below and more information about who discovered the vulnerabilities can be found in Foxit's security bulletin.
Source: https://www.bleepingcomputer.com/news/se...abilities/