System compromise in Foxit Reader

Posted: January 18, 2013 in Vulnerabilities
Tags: , ,

Foxit ReaderVulnerability: System compromise in Foxit Reader

Danger: High
Patch: Yes
Number of vulnerabilities: 1

Vector operation: Remote
Impact: System Compromise

Exploit: Functional exploit
Affected Products: Foxit Reader 5.x, Foxit Reader Plugin 2.x (extension for Firefox)

Affected versions:
Foxit Reader 5.4.4.1128, possibly other versions, Foxit Reader Plugin 2.2.1.530, possibly other versions

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system. The vulnerability is caused due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing URL. This can be exploited via a specially crafted URL addresses a buffer overflow in the stack and execute arbitrary code on the target system.

Manufacturer URL: http://www.foxitsoftware.com/

links:

http://retrogod.altervista.org/9sg_foxit_overflow.htm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s