Foxit Reader 4.1.1 - Stack Overflow

EDB-ID:

15514

CVE:



Author:

dookie

Type:

dos


Platform:

Windows

Date:

2010-11-13


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

Foxit Reader 4.1.1 is subject to a stack overflow vulnerability when parsing overly long unicode titles resulting in a SEH overwrite.
The included PoC results in a SEH overwrite. The exception must be passed twice in order to reach the overwritten handler.
This vulnerability was reported to the vendor and was patched in Foxit Reader 4.2.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/15514.pdf (foxit_411_poc.pdf)