‫ Foxit Multiple Products Two Memory Corruption Vulnerabilities

ID: IRCAD2015043910
Release Date: 2015-04-28
Criticality level: Highly critical
Software:
Foxit Phantom PDF 7.x
Foxit Reader 7.x
Description:
Two vulnerabilities have been reported in Foxit products, which can be exploited by malicious people to compromise a user's system.
1) An error related to parsing PDF files can be exploited to corrupt memory via specially crafted stream within a PDF file.
2) An error related to verifying digital signatures can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in Foxit Reader and Foxit Enterprise Reader versions 7.1.0.306 and 7.1.3.320 and Foxit Phantom PDF versions 7.1.0.306, 7.1.2.311, and 7.1.3.320.
Solution
Update to version 7.1.5.
References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 9 خرداد 1394

امتیاز

امتیاز شما
تعداد امتیازها:0