Secunia reveals flaw in Foxit Reader 2.x

Secunia Research has released a security advisory in regard to a vulnerability in its Foxit Reader program which can be exploited to compromise a user’s system.

According to the advisory, the vulnerability is confirmed in version 2.3 build 2825, but also said other versions might be compromised.

The advisory states, ‘The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the ‘util.printf()’ JavaScript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF file.’

Foxit 2.3 was released in late April and the company does not have a patch for the vulnerability yet, but the company is working to address the problem.

For the full advisory go to this link.

You May Also Like

About the Author: Nettie Hartsock

Leave a Reply