Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability.
Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability that may be exploited by an attacker that is able to successfully reconstruct the security cookie protecting the return address on the stack.
An unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service.
Apply an Update
Foxit Advanced PDF Editor 3.04 has been released to address this vulnerability. If a user is unable to upgrade, please consider the following workarounds.
Use the Microsoft Enhanced Mitigation Experience Toolkit
Thanks to Christopher Gabriel of Telos Corporation for reporting this vulnerability.
This document was written by Jared Allar.
|Date First Published:||2013-01-25|
|Date Last Updated:||2013-01-25 15:40 UTC|