AB TECHNOLOGY Document Reader Directory Traversal Vulnerability Allowing Arbitrary File Overwrite
Vulnerability
A directory traversal vulnerability has been identified in AB TECHNOLOGY Document Reader: PDF, DOC, PPT, version 65.0. It arises from inadequate security checks during the file import process, which allow attackers to manipulate filenames and overwrite critical internal files in the application's storage. Such overwrites could lead to execution of malicious code or modification of the application's behavior, or cause the app to malfunction or crash. The vulnerability can be exploited automatically, without complex user interaction, once the victim opens the malicious app.
Impact
Exploitation of this vulnerability allows arbitrary files in the application's internal storage to be overwritten. This could lead to execution of malicious code, modification of the application's configuration or preferences, app crashes or malfunctions, or other severe security impacts.
Reproduction
The vulnerability can be reproduced by sending an intent to the 'com.united.office.reader.ReadIntermediateDocumentActivity' component. The intent must include a URI that traverses the directory structure to reach a sensitive file, such as a shared preferences file, and specify a content type that the application will accept. Once the intent is received, the application will overwrite the targeted file with the attacker's chosen content.
Remediation
Users are advised to update to a version of the application that addresses this vulnerability. If no such version is available, consider using an alternative document reader that does not have this vulnerability.
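For developers of apps that import files from incoming intents, the following added example shows the destination check whose absence produces this class of overwrite. It is not the application's code; the class name, method name and the dedicated import directory are assumptions made for illustration.

```java
import java.io.File;
import java.io.IOException;

/** Hypothetical helper: decides where an imported document may be written. */
public final class SafeImportPath {
    private SafeImportPath() {}

    /**
     * @param importDir     directory reserved for imported documents (assumed)
     * @param untrustedName file name taken from the incoming URI or its provider
     * @return a file guaranteed to sit directly inside importDir
     */
    public static File resolve(File importDir, String untrustedName) throws IOException {
        if (untrustedName == null) {
            throw new SecurityException("missing file name");
        }
        // Keep only the last path component, whichever separator was used.
        String name = untrustedName.replace('\\', '/');
        name = name.substring(name.lastIndexOf('/') + 1);
        if (name.isEmpty() || name.equals(".") || name.equals("..")
                || name.indexOf('\0') >= 0) {
            throw new SecurityException("rejected file name");
        }
        File base = importDir.getCanonicalFile();
        File target = new File(base, name).getCanonicalFile();
        // Canonical form resolves ".." and symlinks; the parent must still be importDir.
        if (!base.equals(target.getParentFile())) {
            throw new SecurityException("path escapes import directory");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        File dir = new File(System.getProperty("java.io.tmpdir"), "imports");
        // Constructed sample names, not taken from the advisory.
        String[] samples = {"report.pdf", "../shared_prefs/settings.xml", "a/b/../../..", ".."};
        for (String s : samples) {
            try {
                System.out.println(s + " -> " + resolve(dir, s));
            } catch (SecurityException e) {
                System.out.println(s + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

A name containing traversal segments is either reduced to its final component and written inside the import directory, or rejected outright; it never resolves to a path such as the shared preferences directory.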
