11 Jan 2013

FoxIt PDF Reader Vulnerable to Exploitation Techniques

 

One of the most popular alternatives to Adobe Reader is currently vulnerable to an exploitation technique that can totally compromise the security of the computer it runs on. According to independent security researcher Andrea Micalizzi, the exploit affects all versions of the reader application prior to 5.4.4.1128.

The flaw resides in the npFoxitReaderPlugin.dll file which can’t safely read an extremely long filename passed as a URL. This triges a stack-based buffer overflow that can result in execution of arbitrary code, or simply put, in someone planting malware on your device without your intervention.

This is extremely bad news for the 130 million users of the PDF reader solution, especially since there is no official fix for the issue.

"We have confirmed the vulnerability using Firefox, Opera, and Safari," Chaitanya Sharma, advisory team lead at Secunia, said in a quote for IDG News. "At the moment the best mitigation is to disable this add-on in browsers and use other software e.g. Adobe Reader."

Until a fix becomes available, users are advised to either use the application carefully or to disable the plugin.