Foxit Reader < 4.1.1.0805 FreeType CFF Opcodes RCE
High Nessus Plugin ID 48276
SynopsisA PDF viewer installed on the remote host is affected by a remote code execution vulnerability.
DescriptionThe version of Foxit Reader installed on the remote Windows host is prior to 4.1.1.0805. It is, therefore, affected by a remote code execution vulnerability in the FreeType engine due to multiple stack-based buffer overflow conditions in the CFF Type2 CharStrings interpreter, specifically within the function cff_decoder_parse_charstrings(). An attacker can exploit this, via crafted CFF opcodes in embedded fonts in a PDF document, to cause a denial of service or to execute arbitrary code with the user's privileges.
SolutionUpgrade to Foxit Reader version 4.1.1.0805 or later.