Vulnerability: System compromise in Foxit Reader
Danger: High
Patch: Yes
Number of vulnerabilities: 1
Vector operation: Remote
Impact: System Compromise
Exploit: Functional exploit
Affected Products: Foxit Reader 5.x, Foxit Reader Plugin 2.x (extension for Firefox)
Affected versions:
Foxit Reader 5.4.4.1128, possibly other versions, Foxit Reader Plugin 2.2.1.530, possibly other versions
Description:
The vulnerability allows a remote user to execute arbitrary code on the target system. The vulnerability is caused due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing URL. This can be exploited via a specially crafted URL addresses a buffer overflow in the stack and execute arbitrary code on the target system.
Manufacturer URL: http://www.foxitsoftware.com/
links: