Foxit Reader PDF File Handling Memory Corruption Vulnerability Network Vulnerability

Summary

The host is installed with Foxit Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation could allow the attackers to execute arbitrary code on the target system. Impact Level: System/Application

Solution

Upgrade to the Foxit Reader version 5.4.5 or later, For updates refer to http://www.foxitsoftware.com/Secure_PDF_Reader

Insight

The is flaw is due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via an overly long file name in the URL.

Affected

Foxit Reader version 5.4.4.1128 and prior

References

http://osvdb.org/89030
http://secunia.com/advisories/51733
http://securitytracker.com/id?1027953
http://www.exploit-db.com/exploits/23944
http://www.foxitsoftware.com/support/security_bulletins.php#FRD-18

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe PageMaker Font Structure Multiple BOF Vulnerabilities
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
Apple iTunes '.pls' Files Buffer Overflow Vulnerability
Amarok Player Multiple Vulnerabilities
ALLMediaServer Request Handling Stack Buffer Overflow Vulnerability

Take action and discover your vulnerabilities