System compromise in Foxit Reader

Posted: January 18, 2013 in Vulnerabilities
Tags: Foxit Reader, system compromise, vulnerability

Vulnerability: System compromise in Foxit Reader

Danger: High
Patch: Yes
Number of vulnerabilities: 1

Vector operation: Remote
Impact: System Compromise

Exploit: Functional exploit
Affected Products: Foxit Reader 5.x, Foxit Reader Plugin 2.x (extension for Firefox)

Affected versions:
Foxit Reader 5.4.4.1128, possibly other versions, Foxit Reader Plugin 2.2.1.530, possibly other versions

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system. The vulnerability is caused due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing URL. This can be exploited via a specially crafted URL addresses a buffer overflow in the stack and execute arbitrary code on the target system.

Manufacturer URL: http://www.foxitsoftware.com/

links:

http://retrogod.altervista.org/9sg_foxit_overflow.htm

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Cancel

Connecting to %s

MALWARELIST.net – Your Information Security Source

Security Solutions Deals

Follow Blog via Email

Top 5 Best Blog Posts

Categories

Find us on Facebook