Detections
Analytics
Foxit Reader Firefox Plugin URL File Name RCE
high Nessus Plugin ID 64094
Language:
Synopsis
A PDF viewer installed on the remote host is affected by a remote code execution vulnerability.Description
According to its version, the Foxit Reader installed on the remote Windows host is affected by an boundary error related to the Firefox plugin (npFoxitReaderPlugin.dll) due to improper processing of user-supplied input when handing an overly long file name in a URL query string. An unauthenticated, remote attacker can exploit this, via a crafted URL, to trigger a stack-based buffer overflow, resulting in a denial of service or the execution of arbitrary code.Solution
Upgrade to Foxit Reader version 5.4.5.0114, and install the latest Firefox Plugin via the internal update mechanism.See Also
http://www.nessus.org/u?7497e804
https://www.foxitsoftware.com/support/security-bulletins.php
Plugin Details
Severity: High
ID: 64094
File Name: foxit_reader_firefox_plugin_stack_overflow.nasl
Version: 1.8
Type: local
Agent: windows
Family: Windows
Published: 1/25/2013
Updated: 8/8/2018
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/a:foxitsoftware:foxit_reader
Required KB Items: installed_sw/Mozilla Firefox, installed_sw/Foxit Reader
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/17/2013
Vulnerability Publication Date: 1/7/2013
Exploitable With
Metasploit (Foxit Reader Plugin URL Processing Buffer Overflow)
Reference Information
BID: 57174