Foxit outfoxes fiendish flaw to fix foxed-up Firefox PDF plugin

Buffer-boundary bashing bug blatted

Tue 22 Jan 2013 // 10:32 UTC

Foxit Software has fixed a critical security hole in its PDF plugin for web browsers.

A bug in the code allowed overly long URLs in web links to crash the utility - billed as a "better" alternative to Adobe's software - or potentially inject malicious code into vulnerable Windows systems. The stack-based buffer overflow flaw is present in versions 5.4.4 and earlier of the software.

Users of the PDF-viewing plugin are advised to update to version 5.4.5 as explained in an advisory by Foxit. The company credits Danish security notification firm Secunia and Core Security Technologies for finding and confirming the issue in the Firefox build of the software, respectively. ®

Topics

Special Features

Vendor Voice

Resources

SaaS

Foxit outfoxes fiendish flaw to fix foxed-up Firefox PDF plugin

Buffer-boundary bashing bug blatted

More about

More about

More about

More about

More about

TIP US OFF

Other stories you might like

Adobe will fork over cash for clips to train text-to-video AI

Microsoft squashes SmartScreen security bypass bug exploited in the wild

Canva acquires Affinity, further wounding a regulator-bruised Adobe

Reducing the cloud security overhead

March Patch Tuesday sees Hyper-V join the guest-host escape club

Adobe has 'no plans' to invest in XD despite failed Figma buy

Crims found and exploited these two Microsoft bugs before Redmond fixed 'em

Adobe ditches $20B Figma takeover under pressure from monopoly cops

New year, new updates for security holes in Windows, Adobe, Android and more

Adobe warns it may face massive fines for subscription cancellation practices

Former Adobe software engineering leader convicted of insider trading

Europe says Adobe's $20B buy of Figma will kill competition

About Us

Our Websites

Your Privacy