Foxit Reader Facebook Plugin Insecure Library Loading Vulnerability

Last Update Date: 7 Jun 2013 Release Date: 24 Aug 2012 4566 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been identified in Foxit Reader, which can be exploited by malicious people to compromise a user's system.  The bundled Facebook plug-in (facebook_plugin.fpi) loads libraries (e.g. dwmapi.dll) in an insecure manner and can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PDF file located on a remote WebDAV or SMB share.

 

NOTE: Currently, there is no patch available for this vulnerability.

Impact

  • Remote Code Execution

System / Technologies affected

  • Foxit Reader 5.x

Solutions

  • NOTE: Currently, there is no patch available for this vulnerability.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Cisco WebEx Meetings Server Information Disclosure Vulnerability

7 Jun 2013 3546 Views

Next

PHP com_print_typeinfo Remote Code Execution Vulnerability

22 May 2012 5642 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY