Flaw in Foxit Reader Browser Plugin Allows Cybercriminals to Compromise Computers

The issue has been identified by Andrea Micalizzi

  Vulnerability found in Foxit Reader
Researcher Andrea Micalizzi has identified a serious vulnerability in Foxit Reader, the PDF reader app that’s preferred by many users to Adobe’s products.

Researcher Andrea Micalizzi has identified a serious vulnerability in Foxit Reader, the PDF reader app that’s preferred by many users to Adobe’s products.

According to Micalizzi, the flaw in Foxit Reader – advertised as the most secure reader – can be exploited to inject malicious code.

“The vulnerability is caused due to a boundary error in the Foxit Reader plugin for browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via e.g. an overly long file name in the URL,” Secunia explained in its advisory.

Experts from security firm Sophos have managed to reproduce the results obtained by Micalizzi on Firefox 18 with Foxit Plugin 2.2.1.530 on Windows XP3.

“The crash, which is a side-effect of a stack overflow, pretty much lets you write to a memory location of your choice. That's not good,” Sophos’ Paul Ducklin explained.

So far, the company hasn’t said anything regarding its plans to address the issue. In the meantime, users can protect themselves by disabling the browser plugin.

1 Comment