Vulnerability Note VU#275219
Foxit Advanced PDF Editor 3 contains a stack buffer overrun vulnerability
Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability.
Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability that may be exploited by an attacker that is able to successfully reconstruct the security cookie protecting the return address on the stack.
An unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service.
Apply an Update
Foxit Advanced PDF Editor 3.04 has been released to address this vulnerability. If a user is unable to upgrade, please consider the following workarounds.
Use the Microsoft Enhanced Mitigation Experience Toolkit
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Foxit Software Company||Affected||10 Dec 2012||25 Jan 2013|
CVSS Metrics (Learn More)
Thanks to Christopher Gabriel of Telos Corporation for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2013-0107
- Date Public: 25 Jan 2013
- Date First Published: 25 Jan 2013
- Date Last Updated: 25 Jan 2013
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.