Firefox blocks Foxit Reader Plugin 2.2.1.530 and below due to critical vulnerability

Mozilla Firefox has updated its block list, and as a result, viewing a PDF file in Firefox with the Foxit plugin now shows this warning message:

[Screenshot: foxit-firefox-plugin-security-vulnerability]

The vulnerability was unknown to me, and this warning message had persisted for weeks before I decided to look it up. From the Bugzilla page it’s clear that the Foxit Reader / PhantomPDF Plugin for Browsers has a URL processing buffer overflow vulnerability.

The vulnerability is caused due to a boundary error in the Foxit plugin for browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via e.g. an overly long file name in the URL.
Successful exploitation allows execution of arbitrary code.
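
The bug class described in the advisory, as an added illustration (not Foxit's code and not part of the original post): a hypothetical URL handler that copies the file name into a fixed stack buffer with no length check, beside a version that rejects names that do not fit. The function names, the 64-byte buffer size and the example.test URLs are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 64  /* assumed buffer size, for illustration only */

/* Locate the last path segment of a URL, stopping at any ?query or #fragment. */
static const char *url_file_name(const char *url, size_t *len) {
    size_t end = strcspn(url, "?#");
    size_t start = end;
    while (start > 0 && url[start - 1] != '/') start--;
    *len = end - start;
    return url + start;
}

/* BEFORE (hypothetical): the boundary error. len comes from the URL and is
 * never compared with the buffer size, so a long name overruns the stack. */
int handle_url_unsafe(const char *url) {
    char name[NAME_BUF];
    size_t len;
    const char *p = url_file_name(url, &len);
    memcpy(name, p, len);          /* missing check: len may exceed NAME_BUF */
    name[len] = '\0';
    return (int)strlen(name);
}

/* AFTER: the length is validated against the destination before copying.
 * Over-long names are refused rather than silently truncated. */
int handle_url_safe(const char *url, char *out, size_t out_size) {
    size_t len;
    const char *p;
    if (url == NULL || out == NULL || out_size == 0) return -1;
    p = url_file_name(url, &len);
    if (len >= out_size) return -1;    /* no room for name plus terminator */
    memcpy(out, p, len);
    out[len] = '\0';
    return (int)len;
}

int main(void) {
    char name[NAME_BUF];
    char long_url[512] = "http://example.test/";      /* constructed input */
    memset(long_url + strlen(long_url), 'A', 300);    /* 300-byte file name */
    printf("%d\n", handle_url_safe("http://example.test/docs/report.pdf?x=1",
                                   name, sizeof name));
    printf("%d\n", handle_url_safe(long_url, name, sizeof name));
    return 0;
}
```

Only the safe variant is called in `main`; the unsafe one is kept for side-by-side reading.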

The vulnerability was first found by Andrea Micalizzi and has been posted at Secunia.com on this page: http://secunia.com/advisories/51733/. It is present in Foxit version 2.2.1.530 and below. The Firefox addon page also shows a warning:

[Screenshot: foxit-firefox-addon-page-vulnerable-warning]

Clicking “Check to see if your plugins are up to date” doesn’t help, as this plugin is not recognized. You are left to hit search, which queries Google for “current version plugin Foxit Reader Plugin for Mozilla”, and that is totally unhelpful.

Foxit has been informed and has released an update that patches this security bug.

If you have Foxit version 2.2.1.530 or below, or your addon page shows a warning like the one above, head over to the Foxit download page and download the latest patched version of Foxit Reader or others. During installation, set it to install the plugin for browsers. You should now have the latest plugin.

The addon page should now show the latest version (2.2.3.111) and it’s safe!

[Screenshot: foxit-firefox--current-addon-page]

 
