Foxit Reader Crafted PDF Title Handling Stack Buffer Overflow

Added: 11/22/2010
OSVDB: 68648

Background

Foxit Reader is a free PDF reader for Microsoft Windows systems.

Problem

Foxit Reader for Windows is vulnerable to a stack buffer overflow which could allow execution of arbitrary code. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PDF file with an overly long title.

Resolution

Upgrade to the latest version (4.2.0.0928 or higher) by going to Check for Updates Now in Foxit Reader help menu.

References

http://secunia.com/advisories/41656/

Limitations

Exploit works on Foxit Reader 4.1.1 and the user must open the exploit file in Foxit PDF reader by double-clicking on the PDF file or using the Foxit Reader file menu. However, drag-n-dropping the PDF file into Foxit Reader will not open a shell session.

Establishing a shell session will take longer than usual due to the need for searching memory.

Platforms

Windows

Back to exploit index