Security Corner

Jun 23 2009   5:45PM GMT

Foxit Reader Contains Multiple Vulnerabilities

Ken Harthun Ken Harthun Profile: Ken Harthun

According to a U.S. Cert bulletin issued today, my favorite PDF reader, Foxit Reader has multiple security vulnerabilities:

Foxit Reader has released updates for multiple vulnerabilities. By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.US-CERT encourages users to review the Foxit Security Bulletin and Vulnerability Note VU#251793 and apply any necessary updates.

The Foxit Security Bulletin describes the issues:

Two Security Vulnerabilities Fixed in Foxit Reader 3.0 and JPEG2000/JBIG2 Decoder

SUMMARY
Here is detailed information about the vulnerabilities:

1. Fixed a problem related to negative stream offset (in malicious JPEG2000 stream) which caused reading data from an out-of-bound address. We have added guard codes to solve this issue.
2. Fixed a problem related to error handling when decoding JPEG2000 header, an uncaught fatal error resulted a subsequent invalid address access. We added error handling code to terminate the decoding process.

I recommend that all Foxit Reader users update their Foxit Reader 3.0, available here: http://www.foxitsoftware.com/downloads/. Then, be sure to go to Help>Check for updates and download the stream decoder update.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: