In association with heise online

10 January 2013, 09:13

Current Foxit Reader can execute malicious code


[Installation screenshot] The vulnerable browser plugin is added by default during the installation of Foxit.

Security expert Andrea Micalizzi has discovered a critical vulnerability in the browser plugin of the current Foxit Reader; according to the researcher, the hole can be exploited to inject malicious code. When a web page instructs the npFoxitReaderPlugin.dll plugin to open a PDF document from a very long URL, a stack-based buffer overflow occurs. Micalizzi's advisory also includes an exploit for the vulnerability.

Secunia has rated the hole highly critical. Foxit Reader installs the browser plugins for Chrome, Firefox, Opera and Safari by default. Since the current version (plugin version is affected, the only available protective measure is to disable the plugin in the browser. To do this in Firefox, click on the Firefox menu, select Tools and then select Add-ons, Plugins; in Chrome, the fastest way of accessing the plugin menu is to visit the chrome://plugins/ URL.
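
As an added example (not part of the original article or of Micalizzi's advisory), the following Python sketch shows how a defender could triage saved HTML for the condition described above: a page handing a browser plugin a PDF URL of unusual length. The 2048-character threshold, the tag list and the sample pages are assumptions made for illustration; the article does not state the length at which the overflow occurs.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

MAX_URL_LEN = 2048  # assumed triage threshold, not a value from the advisory
# Tags that hand a URL to a plugin or embedded viewer, and the attribute used.
URL_ATTRS = {"embed": "src", "object": "data", "iframe": "src"}


class LongPdfUrlFinder(HTMLParser):
    """Collects (tag, url_length) for over-long PDF URLs passed to a plugin."""

    def __init__(self, max_len=MAX_URL_LEN):
        super().__init__()
        self.max_len = max_len
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr_name = URL_ATTRS.get(tag)
        if attr_name is None:
            return
        attr = dict(attrs)
        url = attr.get(attr_name) or ""
        # Treat the element as a PDF reference if the MIME type says so
        # or the URL path (ignoring the query string) ends in .pdf.
        is_pdf = (
            (attr.get("type") or "").lower() == "application/pdf"
            or urlsplit(url).path.lower().endswith(".pdf")
        )
        if is_pdf and len(url) > self.max_len:
            self.findings.append((tag, len(url)))


def scan_html(html, max_len=MAX_URL_LEN):
    """Return a list of (tag, url_length) findings for one HTML document."""
    finder = LongPdfUrlFinder(max_len)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample pages (not taken from the advisory).
BENIGN = '<embed src="http://example.com/report.pdf" type="application/pdf">'
SUSPICIOUS = '<object data="http://example.com/a.pdf?' + "x" * 5000 + '"></object>'

if __name__ == "__main__":
    print(scan_html(BENIGN))
    print(scan_html(SUSPICIOUS))
```

A finding is only a reason to inspect the page; legitimate sites occasionally use long query strings, so the threshold should be tuned against local traffic.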

