However, many Web exploit toolkits used by cybercriminals still contain such exploits, the vast majority of which target vulnerabilities in outdated versions of Adobe Reader.
#Foxit pdf reader for opera pdf#
PDF exploits are not as commonly used in Web-based attacks today as they were a few years ago. Foxit advertises the application as "the most secure PDF reader" on its website and claims that it has over 130 million users.
8.įoxit Reader has often been advanced in the past as a safer alternative to Adobe Reader. Secunia credited Micalizzi in its own advisory on Jan. 7, meaning that it had zero-day - publicly known, but unpatched - status at the time. Micalizzi publicly disclosed details about the vulnerability and how it can be exploited on his website on Jan. However the vulnerability was actually found by independent security researcher Andrea Micalizzi. In its advisory, Foxit credits vulnerability research firm Secunia with discovering the flaw. Users are advised to upgrade to the newly released version by using the "Check for Updates Now" link under the application's "Help" menu.
The plug-in - npFoxitReaderPlugin.dll - is installed by default unless users clear a checkbox during the Foxit Reader installation process.įoxit Reader 5.4.5 contains a patched version of the browser plug-in, Foxit said in an advisory published on its website. The vulnerability was located in the Foxit Reader browser plug-in for Mozilla Firefox, Google Chrome, Opera, and Safari and could have been exploited by tricking users into opening an URL to a PDF document with an extremely long file name. Foxit released version 5.4.5 of its Foxit Reader PDF viewer plug-in on Thursday in order to address a critical remote code execution vulnerability that could have allowed attackers to compromise computers running previous versions of the software.
0 kommentar(er)
