Main Vulnerability Database Vulnerabilities #VU4431

Stack overflow in Foxit Reader for Linux - #VU4431

Published: January 12, 2017

Vulnerability identifier: #VU4431

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Foxit Software Inc.

Affected software:
Foxit Reader for Linux

Detailed vulnerability description

The vulnerability allows a remote attacker to cause denial of service conditions.

The vulnerability exists due to stack overflow vulnerability when processing PDF files. A remote attacker can create a specially rafted PDF file, trick the victim into opening it, trigger stack overflow and terminate the application.

Successful exploitation of the vulnerability will result in DoS attack.

Remediation

Install the latest version Foxit Reader for Linux 2.3 from vendor's website.

Sources

https://www.foxitsoftware.com/support/security-bulletins.php

Stack overflow in Foxit Reader for Linux - #VU4431

Detailed vulnerability description

Remediation

Sources

Please verify you're human