vendor:
Foxit Reader
by:
rgod
9,3
CVSS
HIGH
Remote Stack Buffer Overflow
119
CWE
Product Name: Foxit Reader
Affected Version From: Foxit Reader 5.4.3.0920
Affected Version To: Foxit Reader 5.4.4.1128
Patch Exists: YES
Related CWE: N/A
CPE: a:foxitsoftware:foxit_reader:5.4.4.1128
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Microsoft Windows, Mozilla Firefox 17.0.1
2013
Foxit Reader <= 5.4.4.1128 Plugin for Firefox npFoxitReaderPlugin.dll Overlong Query String Remote Stack Buffer Overflow PoC
Foxit Reader is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will likely crash the application.
Mitigation:
Upgrade to the latest version of Foxit Reader.
