Foxit Reader JPEG2000/JBIG Decoder Add-On Vulnerability
Will Dormann has discovered a vulnerability in the JPEG2000/JBIG Decoder add-on for Foxit Reader, which can be exploited by malicious people to potentially compromise a user’s system.
The vulnerability is caused due to an error when parsing boxes in a JPEG 2000 stream and can be exploited to cause a heap-based buffer overflow via a PDF file containing a specially crafted JPEG 2000 image.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in version 2.0 Build 2009.303. Other versions may also be affected.