Skip to main content

Foxit Reader Plugin For Browsers URL Processing Buffer Overflow Vulnerability

Last Update Date: 18 Jan 2013 Release Date: 9 Jan 2013 5126 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been identified in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

 

The vulnerability is caused due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via e.g. an overly long file name in the URL.

 

Successful exploitation allows execution of arbitrary code.


Impact

  • Remote Code Execution

System / Technologies affected

  • Version 5.4.4.1128 (npFoxitReaderPlugin.dll version 2.2.1.530) and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier

  • No CVE information is available

Source


Related Link