In association with heise online

20 May 2008, 15:16

Foxit Reader executes injected code

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Security service provider Secunia has discovered a security hole in Foxit Reader, a popular alternative to Acrobat Reader. It allows attackers to inject and execute malicious code such as Trojans via PDF files.

The problem is caused by a boundary error when the program processes PDF files with embedded JavaScript. A buffer overflow can occur in the util.printf() function when the program parses format strings containing a floating-point specifier. This can allow malicious code to be injected and executed.

As Secunia confirmed to heise Security, the error affects the standard Foxit Reader, version 2.3 build 2825 and possibly previous versions – even without the JavaScript plug-in. The vulnerability will be patched in the version 2.3 build 2912 to be released shortly. The old unpatched version is still available on Foxit's download servers.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit