Foxit Reader 5 update close security hole
Version 5.1.3 of Foxit Software's PDF Reader product has been released which closes a security hole that could be exploited to compromise a victim's system. According to the company, previous versions of Foxit Reader contained a vulnerability, rated as "highly critical" by security specialist Secunia, is said to be caused by the "cross-border assignment of an array" which results in memory corruption.
For an attack to be successful, a victim must first open a specially crafted PDF file. The issue was reported to the company early last month and versions up to and including Foxit Reader 5.1.0.1021 are affected; users are advised to upgrade to 5.1.3 to fix the issue.
More details about the update, which includes other non-security bug fixes, can be found in the release announcement. Foxit Reader 5.1.3 is available to download from the company's site; existing users can select "Check for Updates Now" under the Reader help menu to upgrade to the new release.
See also:
- Fixed an issue when opening certain PDF files, a Foxit Software security advisory.
(crve)