Foxit Reader 4.1.1 - Stack Overflow

EDB-ID:

15514

CVE:



Author:

dookie

Type:

dos


Platform:

Windows

Date:

2010-11-13


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Foxit Reader 4.1.1 is subject to a stack overflow vulnerability when parsing overly long unicode titles resulting in a SEH overwrite.
The included PoC results in a SEH overwrite. The exception must be passed twice in order to reach the overwritten handler.
This vulnerability was reported to the vendor and was patched in Foxit Reader 4.2.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/15514.pdf (foxit_411_poc.pdf)