View Full Version : Foxit Reader updates...

2009-03-09, 14:13

Foxit Reader multiple vulns - update available
- http://secunia.com/advisories/34036/2/
Release Date: 2009-03-09
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Foxit Reader 2.x, Foxit Reader 3.x
...This vulnerability is confirmed in version 3.0.2009.1301 and reported in versions 2.3 and 3.0.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code...
Solution: Update to version 3.0 Build 1506 or version 2.3 Build 3902 * ...
Original Advisory: Foxit Software: http://www.foxitsoftware.com/pdf/reader/security.htm
Release Date: Mar. 9, 2009
Stack-based Buffer Overflow in Foxit Reader 3.0
Security Authorization Bypass in Foxit Reader 2.3 and 3.0
JBIG2 Symbol Dictionary Processing in Foxit Reader 2.3 and 3.0...
2009-03-09: Foxit released fixed version 3.0 Build 1506...
Secunia Research: http://secunia.com/secunia_research/2009-11/
CVE reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0191

* http://www.foxitsoftware.com/downloads/index.html
Last Updated: 2009-03-09
OS: Windows 2000/XP/2003/Vista

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0191

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0836

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0837


2009-06-23, 14:01

Foxit Reader vuln - update available
- http://secunia.com/advisories/35512/2/
Release Date: 2009-06-22
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Foxit Reader JPEG2000/JBIG Decoder Add-On 2.x
Solution: Update to version 2.0 Build 2009.616.
Original Advisory: US-CERT VU#251793:
"...This issue is addressed in Foxit Reader 3.0 Build 1817 ..."
Foxit Software:

- http://www.foxitsoftware.com/downloads/
Foxit Reader 3.0 Build 1817(exe) 3.57MB 06/19/09
JPEG2000/JBIG Decoder 2.0 Build 2009.616(fzip) 169KB 06/19/09

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0690
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0691

From an Admin account >Start Foxit Reader >Help >Check for Updates (select/add) ...Build 1817 ...Install


2009-09-03, 13:00

Foxit Reader v3.1.1.0901 released
- http://www.foxitsoftware.com/pdf/reader/bugfix.htm
Fixed in Foxit Reader
1. The reported issue of Foxit Reader crashing when users are viewing certain PDF files has been updated and is no longer a problem.
2. Fixed an issue where Foxit Reader may not be launched in the system without installing Microsoft Visual C++ 2005 Redistributable.

- http://www.foxitsoftware.com/downloads/index.php
Foxit Reader - 5.05 MB - 09/03/09
From an Admin account >Start Foxit Reader >Help >Check for Updates (select/add) ...FoxIt Reader Upgrade ...Install


2009-10-18, 13:53

Foxit PDF Reader Firefox Plugin Memory Corruption vuln
- http://secunia.com/advisories/37049/2/
Release Date: 2009-10-15
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched * (?)
Software: Foxit Reader 3.x ...
Solution: Do not visit untrusted websites or follow untrusted links.
Disable the Foxit Reader plugin in Firefox.
Original Advisory: http://seclists.org/fulldisclosure/2009/Oct/198
14 Oct 2009 - "It would appear that Foxit reader version is also vulnerable to this memory corruption flaw. Foxit reader was also vulnerable to the JPEG2000/JBIG2 decoder bug..."
Other References: SA36983: http://secunia.com/advisories/36983/2/

* http://www.foxitsoftware.com/pdf/reader/bugfix.htm
Fixed in Foxit Reader Fix the memory leak issue where the memory usage will continuously grow while viewing PDF files with Foxit Reader.
- http://www.foxitsoftware.com/downloads/index.php
Foxit Reader 5.06 MB - 10/13/09


2009-10-24, 14:18

FoxIt PDF Reader - print rendering problem noted w/v3.1.2.1013
- http://forums.foxitsoftware.com/showpost.php?p=35481&postcount=7
October 21, 2009 - "... with this version when printing a pdf - only part of the document is printed..."


2010-08-05, 14:57
Archived - See: http://forums.spybot.info/showpost.php?p=379968&postcount=86

Foxit Reader v4.1.0.0726 released
- http://www.foxitsoftware.com/downloads/index.php
08/03/10 - Foxit Reader 4.1 (exe)

- http://www.brothersoft.com/foxit-reader-download-61389.html

- http://www.foxitsoftware.com/pdf/reader/bugfix.php
Fixed in Foxit Reader 4.1
• Fixed the crash issue when opening certain PDFs.
• Optimized the reading engine and fixed the issue where the scrolling becomes very slowly when reading large PDFs.
• Users will not be prompted to set default PDF reader when either or both Phantom and Foxit Reader is installed.
• PDF icons are reverted to other Reader's PDF icons when Phantom/Foxit Reader is uninstalled, if those exist.
• Fixed the issue where the system sets Foxit Reader as the default PDF viewer without user permission when Foxit Reader launches...

Update now available through the "Check for Updates" function:
From an admin. account: > Help > Check for Updates now > FoxIt Reader Upgrade