 Foxit Reader Plugin: Critical Vuln. |
You are viewing Security Bulletins Forum
Thank you for viewing our Security Bulletins forum. You'll find here latest and important security bulletins on several products and services.
Notes::
- Old entries/news are deleted in this forum
- Please do NOT post your PC problems here. Use instead: HELP! Think you are Infected? for HijackThis analysis. For PC Related Topics, Operating Systems or general security questions, kindly go to Security Newbies Forum.
  |
 Oct 20 2009, 01:09 AM
Post
#1
|
|
 GSF's HoneyBee  Group: General Admin Posts: 23792 Joined: 23-April 04 Member No.: 7183  |
Foxit Reader Firefox Plugin Memory Corruption Vulnerability
Secunia Advisory: SA37049 - Highly critical Description: A vulnerability has been discovered in Foxit Reader, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in the Foxit Reader plugin for Firefox (npFoxitReaderPlugin.dll). This can be exploited to trigger a memory corruption by tricking a user into visiting a specially crafted web page which repeatedly loads and unloads the plugin. Successful exploitation may allow execution of arbitrary code. This is related to vulnerability #12 in: SA36983 The vulnerability is confirmed with Foxit Reader version 3.1.2.1013 and Mozilla Firefox 3.5.3. Other versions may also be affected. Solution: Do not visit untrusted websites or follow untrusted links. Disable the Foxit Reader plugin in Firefox. Provided and/or discovered by: Originally discovered in Adobe Reader by SkyLined. Reported in Foxit Reader by MrX. http://secunia.com/advisories/37049/ This affects the latest version update of Foxit Reader - Firefox Plugin - Be careful out there, folks! Run your browser Untrusted with something like DefenseWall HIPS, or similar Security application. --------------------  |
 |
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 22nd November 2009 - 06:55 AM |
