Closed
Bug 524459
Opened 15 years ago
Closed 3 years ago
Foxit Reader Firefox Plugin version 09.43.9 vulnerable
Categories
(Websites :: plugins.mozilla.org, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: chofmann, Unassigned)
References
Details
(Whiteboard: [data][plugin-approval])
No description provided.
|
Reporter | |
Comment 1•15 years ago
|
||
09.43.9 Foxit Reader Firefox Plugin Memory Corruption Vulnerability (SANS @Risk) - http://www.sans.org/newsletters/risk/display.php?v=8&i=43&rss=Y#09.43.9
# Platform: Third Party Windows Apps
# Title: Foxit Reader Firefox Plugin Memory Corruption Vulnerability
# Description: Foxit Reader is a PDF document viewer. Foxit Reader plugin for Firefox "npFoxitReaderPlugin.dll" is vulnerable to a memory corruption issue. Foxit Reader versions 3.1.2.1013 and Mozilla Firefox 3.5.3 are vulnerable. Other versions may also be affected.
# Ref: http://seclists.org/fulldisclosure/2009/Oct/198
|
||
Updated•15 years ago
|
Component: Other → Plugins
Product: Websites → addons.mozilla.org
QA Contact: other → plugin-listings
|
||
Comment 2•15 years ago
|
||
Why Mac OS X? There is not even a version of Foxit for that system.
Changing to Windows XP (the most popular Windows version)
OS: Mac OS X → Windows XP
|
||
Updated•15 years ago
|
Component: Plugins → plugins.mozilla.org
Product: addons.mozilla.org → Websites
|
||
Updated•15 years ago
|
Summary: foxit reader plugin updates → Foxit Reader Firefox Plugin version 09.43.9 vulnerable
Whiteboard: [data][plugin-approval]
|
||
Comment 3•14 years ago
|
||
Old bug, and there have been a number of newer versions of Foxit Reader that have been released since this time (see http://www.foxitsoftware.com/products/reader/security_bulletins.php#files). Unfortunately plugin versions don't correspond to Reader versions, so not sure what plugin version needs to be marked vulnerable for this Windows and Firefox only product.
Latest version of Foxit plugin (2.0.1.524) added to stage and ready for QA at https://www-trunk.stage.mozilla.com/en-US/plugincheck/
|
|
||
Comment 4•14 years ago
|
||
This is the Secunia advisory for the same vulnerability
http://secunia.com/advisories/37049/
The relevant fragment about versions numbers:
"The vulnerability is confirmed with Foxit Reader version 3.1.2.1013 and Mozilla Firefox 3.5.3. Other versions may also be affected.
Solution
Update to version 3.1.3.1030 and install the latest Firefox Plugin via the internal update mechanism."
The only Windows version you can download from Foxit website today is 5.0.1.0523
Smells like RESOLVED to me.
Plugins are no longer supported
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•