Thursday, December 8, 2011

Update to Foxit Reader 5.1.3

If you use the Foxit Reader instead of Adobe's bloated, insecure PDF reader, you should update.
Foxit Reader Unspecified Memory Corruption Vulnerability - Secunia.com
Description:
A vulnerability has been reported in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error. No further information is currently available.

The vulnerability is reported in versions 5.1.0.1021 and prior.

Solution:
Update to version 5.1.3.
Foxit Reader - Building the Most Secure PDF Reader - Foxit Software
Fixed an issue when opening certain PDF files.

SUMMARY
Foxit Reader 5.1.3 fixed an issue when opening certain PDF files. This issue was caused by the cross-border assignment of an array which may result in memory corruption vulnerabilities.

Affected Versions
Foxit Reader 5.1.0.1021 and earlier.

Fixed in Version
Foxit Reader 5.1.3

SOLUTION
Please do one of the followings:

  • Please go to "Check for Updates Now" in Reader help menu to update to the latest version 5.1.3
  • Click here to download the updated version now.

According to the Foxit Software Announcement, there are also several other useful fixes in this update:
Maintenance Release - Foxit® Reader 5.1.3 - Foxit Software
Maintenance Release - Foxit® Reader 5.1.3
... Foxit Reader 5.1.3 fixes an issue of Foxit Reader when opening certain PDF files. This issue was caused by the cross-border assignment of an array which may result in memory corruption vulnerabilities or potential memory corruption vulnerabilities.

Other product modifications include:

  • Fixed an issue when right-clicking an opened PDF file in an internet browser after changing the UI language.
  • Fixed an issue where the paper size in the Preview Area of Print Dialogue Box cannot be updated accordingly if users choose the Xerox® Printer.
  • Fixed an issue when switching the interface language.
  • Fixed an issue where the Paper Drawer cannot be changed to Cassette when printing.

No comments: