en

‫ MuPDF Firefox Plugin Buffer Overflow Vulnerability

IRCAD2011051191
ID:IRCAD2011051191
Release Date: 2011-05-06
Criticality level: Highly critical
Software:
MuPDF (Plugin for Firefox)
Description:
Secunia Research has discovered a vulnerability in the MuPDF plugin for Firefox, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the "pdfmoz_onmouse()" function in apps/mozilla/moz_main.c and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into visiting a specially crafted website.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 2008.09.02. Other versions may also be affected.
Solution:
Use another product.
References:
Secunia Research:
Secunia:

The Wall

No comments
You need to sign in to comment