DjVu Browser Plug-in < 6.1.1 Multiple Buffer Overflows
High Nessus Plugin ID 24670
SynopsisA browser plugin on the remote Windows host is affected by multiple buffer overflow vulnerabilities.
DescriptionThe DjVu Browser Plug-in is installed on the remote Windows host. This plugin provides the primary means of viewing DjVu documents, which are used for publishing scanned books, catalogs, historical documents, research papers, manuals, etc.
The version of the DjVu Browser Plug-in installed on the remote host reportedly is affected by several buffer overflows involving various functions. An attacker may be able to leverage these issues to execute arbitrary code on the remote host subject to the user's privileges if the user can be tricked into viewing a specially crafted web page.
SolutionUpgrade to DjVu Browser Plug-in version 6.1.1 or later.