Firefox blocks Foxit Reader Plugin 126.96.36.1990 and below due to critical vulnerability
Mozilla Firefox has updated its block list and as a result when viewing a pdf file on firefox with foxit plugin has this warning message,
The vulnerability was unknown to me, while this warning message persisted for weeks now, until I decided to look it up. From bugzilla page it’s clear that the Foxit Reader / PhantomPDF Plugin For Browsers has a URL Processing Buffer Overflow Vulnerability.
The vulnerability is caused due to a boundary error in the Foxit plugin for browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via e.g. an overly long file name in the URL.
Successful exploitation allows execution of arbitrary code.
It was first found by Andrea Micalizzi and has been posted at Secunia.com at this page, http://secunia.com/advisories/51733/. The vulnerability is found on Foxit version 188.8.131.520 and below. The Firefox addon page also warned,
Clicking “Check to see if your plugins are up to date” doesn’t help, as this plugin is found unrecognized and you are left to hit search and it searches Google with a query “current version plugin Foxit Reader Plugin for Mozilla” which is totally helpless.
Foxit has been informed and they released an update patching up this security bug.
If you have Foxit version 184.108.40.2060 or below, or your addon page shows a warning like above, head over to Foxit download page, to download the latest patched up version of Foxit reader or others. Set it to install the plugin for browsers and install it. You should now have the latest plugin.
The addon page should now show the latest version (220.127.116.11) and it’s safe!