Security update for Foxit Reader
Foxit Software has released a new version of Foxit Reader, a popular alternative to Adobe's Acrobat PDF Reader, to address two security vulnerabilities. According to the report, a problem when reading JPX (JPEG2000) streams in PDF documents could allow an attacker to remotely execute malicious code. For an attack to be successful, a victim must first be tricked into opening a specially crafted PDF document. Foxit Reader, only supports these streams if the user has installed the associated add-on, but if the add-on is not installed users are automatically prompted to install it when opening such a document.
- Two Security Vulnerabilities Fixed in Foxit Reader 3.0 and JPEG2000/JBIG2 Decoder, security advisory from Foxit Software.
- Foxit Reader contains multiple vulnerabilities in the processing of JPX data, security advisory from US-CERT.