Unit 42 Discovers Vulnerabilities in Adobe Acrobat and Reader and Foxit Reader, Shares Threat Research at Microsoft BlueHat Shanghai 2019

As part of ongoing threat research, Palo Alto Networks Unit 42 threat researchers have discovered 28 new vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their May Adobe Security Bulletin APSB19-18 and five Foxit Reader vulnerabilities addressed by Foxit Software as part of their recent security update releases. The Adobe vulnerabilities discovered included 19 Critical and 9 Important rated vulnerabilities.

Palo Alto Networks customers with a Threat Prevention subscription who deploy our Security Operating Platform are protected from zero-day vulnerabilities such as these. Weaponized exploits for these vulnerabilities are prevented by Traps multi-layered exploit prevention and response capabilities. Threat Prevention capabilities, such as vulnerability protection with IPS and WildFire, provide our customers with comprehensive protection and automatic updates against previously unknown threats.

Palo Alto Networks appreciates both the recognition and credit Adobe and Foxit Software have given our Unit 42 threat researchers.

Palo Alto Networks is a regular contributor to vulnerability research in Microsoft, Adobe, Apple, Google Android, and other ecosystems with more than 200 critical vulnerabilities discovered. By proactively identifying these vulnerabilities, developing protections for our customers, and sharing the information with the security community, we are removing weapons used by attackers to threaten users and compromise enterprise, government, and service provider networks.

Palo Alto Networks will also present security research findings at the upcoming, prestigious Microsoft BlueHat Shanghai 2019. Two papers were accepted: “Is my Container Secure? Large-Scale Empirical Study on Container Vulnerabilities” by Zhaoyan Xu, Yue Guan, Cecilia Hu, Bo Qu, and Xin Ouyang, and “Advanced Lateral Movement on Container-based K8s Cluster” by Tongbo Luo and Zhaoyan Xu. Additionally, Hui Gao of Palo Alto Networks was added to the content advisory board for BlueHat Shanghai 2019.

Adobe Vulnerabilities Credited:

| CVE | Vulnerability Category | Impact | Maximum Severity Rating | Researcher(s) |
|---|---|---|---|---|
| CVE-2019-7762 | Use After Free | Arbitrary Code Execution | Critical | Gal De Leon |
| CVE-2019-7841 | Out-of-Bounds Read | Information Disclosure | Important | Zhibin Zhang |
| CVE-2019-7836 | Out-of-Bounds Read | Information Disclosure | Important | Zhibin Zhang |
| CVE-2019-7835 | Use After Free | Arbitrary Code Execution | Critical | Zhibin Zhang |
| CVE-2019-7774 | Out-of-Bounds Read | Information Disclosure | Important | Zhibin Zhang |
| CVE-2019-7767 | Use After Free | Arbitrary Code Execution | Critical | Zhibin Zhang |
| CVE-2019-7773 | Out-of-Bounds Read | Information Disclosure | Important | Bo Qu |
| CVE-2019-7766 | Use After Free | Arbitrary Code Execution | Critical | Bo Qu |
| CVE-2019-7764 | Use After Free | Arbitrary Code Execution | Critical | Bo Qu |
| CVE-2019-7834 | Use After Free | Arbitrary Code Execution | Critical | Qi Deng |
| CVE-2019-7833 | Use After Free | Arbitrary Code Execution | Critical | Qi Deng |
| CVE-2019-7832 | Use After Free | Arbitrary Code Execution | Critical | Qi Deng |
| CVE-2019-7772 | Use After Free | Arbitrary Code Execution | Critical | Qi Deng |
| CVE-2019-7768 | Use After Free | Arbitrary Code Execution | Critical | Qi Deng |
| CVE-2019-7808 | Use After Free | Arbitrary Code Execution | Critical | Hui Gao |
| CVE-2019-7807 | Use After Free | Arbitrary Code Execution | Critical | Hui Gao |
| CVE-2019-7806 | Use After Free | Arbitrary Code Execution | Critical | Hui Gao |
| CVE-2019-7793 | Out-of-Bounds Read | Information Disclosure | Important | Zhaoyan Xu |
| CVE-2019-7792 | Use After Free | Arbitrary Code Execution | Critical | Zhaoyan Xu |
| CVE-2019-7783 | Use After Free | Arbitrary Code Execution | Critical | Zhaoyan Xu |
| CVE-2019-7782 | Use After Free | Arbitrary Code Execution | Critical | Zhanglin He |
| CVE-2019-7781 | Use After Free | Arbitrary Code Execution | Critical | Zhanglin He |
| CVE-2019-7778 | Out-of-Bounds Read | Information Disclosure | Important | Zhanglin He |
| CVE-2019-7765 | Use After Free | Arbitrary Code Execution | Critical | Zhanglin He |
| CVE-2019-7777 | Out-of-Bounds Read | Information Disclosure | Important | Taojie Wang |
| CVE-2019-7776 | Out-of-Bounds Read | Information Disclosure | Important | Taojie Wang |
| CVE-2019-7775 | Out-of-Bounds Read | Information Disclosure | Important | Taojie Wang |
| CVE-2019-7763 | Use After Free | Arbitrary Code Execution | Critical | Taojie Wang |

Foxit Software Vulnerabilities Credited:

| Date | Researcher(s) | Vulnerability Description |
|---|---|---|
| 1/9/19 | Hui Gao and Zhaoyan Xu of Palo Alto Networks | Foxit Reader Heap Corruption |
| 1/24/19 | Hui Gao and Zhaoyan Xu of Palo Alto Networks | Foxit Reader Memory Corruption Vulnerability |
| 3/28/19 | Hui Gao of Palo Alto Networks | Foxit Reader Vulnerability |
| 3/28/19 | Hui Gao of Palo Alto Networks | Foxit Reader Vulnerability |
| 3/28/19 | Hui Gao of Palo Alto Networks | Foxit Reader Vulnerability |