Foxit Reader Freetype Engine remote integer overflow vulnerability-vulnerability warning-the black bar safety net

2011-06-29T00:00:00
ID MYHACK58:62201131079
Type myhack58
Reporter 佚名
Modified 2011-06-29T00:00:00

Description

Release date: 2011-06-21

Update date: 2011-06-21

Affected system:

Foxit Foxit Reader 4. x

Foxit Foxit Reader 3. x

Foxit Foxit Reader 2. x

Not affected system:

Foxit Foxit Reader 4.0.0.0619

Description:

--------------------------------------------------------------------------------

BUGTRAQ ID: 4 8 3 5 9

CVE ID: CVE-2 0 1 1-1 9 0 8

Foxit Reader is a small PDF document viewer and print program.

Foxit Reader in the Freetype engine on the realization of the presence of a remote integer overflow vulnerability, an attacker can exploit this vulnerability to execute arbitrary code that may cause a denial of service.

<*source: David Seidman

Links: http://www.foxitsoftware.com/products/reader/security_bulletins.php#files

*>

Recommendations:

--------------------------------------------------------------------------------

Manufacturers patch:

Foxit

-----

The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:

http://www.foxitsoft.com/wac/server_intro.php