Texas A&M AgriLife IT Security
Texas A&M AgriLife IT SecurityLatest IT news & tips to keep your computer safe

Foxit Reader JPEG2000/JBIG Decoder Add-On Vulnerability

by Leave a Comment

http://secunia.com/advisories/35512/2/
    
Foxit Reader JPEG2000/JBIG Decoder Add-On Vulnerability

Description:
Will Dormann has discovered a vulnerability in the JPEG2000/JBIG Decoder add-on for Foxit Reader, which can be exploited by malicious people to potentially compromise a user’s system.

The vulnerability is caused due to an error when parsing boxes in a JPEG 2000 stream and can be exploited to cause a heap-based buffer overflow via a PDF file containing a specially crafted JPEG 2000 image.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in version 2.0 Build 2009.303. Other versions may also be affected.