JVN#79301396(en)
Last update: 2018/05/22
axpdfium.spi v0.01 has a vulnerability that causes it to load unintended DLLs. An attacker who exploits this vulnerability can execute arbitrary code with the access rights of the application that loads this plugin.
axpdfium v0.01 (2015/01/15)
Applications that use Susie plugins can show the plugin version through the plugin's "Configuration" or "About" dialog. See the application's documentation for the detailed procedure.
Alternatively, temporarily rename the extension of axpdfium.spi to .dll; the version can then be checked in the file's properties in Explorer (or another file manager), where it is shown as the product version on the Details tab.
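The same check can be made without renaming the file, by reading its version resource directly. The PowerShell below is an added example, not part of the original advisory; the function name `Find-AxpdfiumPlugin` and the search roots are assumptions, and it only reports the recorded version strings for comparison with the versions named in this advisory.

```powershell
# Added example: list every copy of axpdfium.spi under a folder tree and show
# the version recorded in its version resource, without renaming it to .dll.
# Find-AxpdfiumPlugin and the search roots are hypothetical names/values.
function Find-AxpdfiumPlugin {
    param(
        # Folder tree to search (assumed default; point it at the folders
        # of the applications that load Susie plugins).
        [string]$Root = $env:ProgramFiles
    )

    Get-ChildItem -LiteralPath $Root -Filter 'axpdfium.spi' -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            # FileVersionInfo reads the PE version resource whatever the extension is.
            $info = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_.FullName)
            [pscustomobject]@{
                Path           = $_.FullName
                ProductVersion = $info.ProductVersion   # value Explorer shows as product version
                FileVersion    = $info.FileVersion
                LastWriteTime  = $_.LastWriteTime
                SHA256         = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

# Example run against a constructed folder: one entry per copy found.
Find-AxpdfiumPlugin -Root 'C:\Apps' | Format-List
```

Because the plugin may be copied into more than one application folder, run it over each location where plugins are installed.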
When this plugin is loaded, it may load a specific DLL from a specific folder. If an attacker places a crafted DLL there, arbitrary code can be executed with the access rights of the application that loads this plugin.
Please update to axpdfium v0.02 (2018/05/15) or later. You can simply overwrite the file because there is no configuration file.
- 2018/05/22 Mirror on GitHub Wiki
- 2018/05/16 Initial announcement