Foxit Reader Part3
at SOFTWARE
[
2ch
|
▼Menu
]
■コピペモード
□
スレを通常表示
□
オプションモード
□このスレッドのURL
■項目テキスト
50:名無しさん@お腹いっぱい。 08/05/21 03:08:21 6pxytGde0 しおりどころじゃないな Foxit Reader "util.printf()" Buffer Overflow - Advisories - Secunia http://secunia.com/advisories/29941/ 51:名無しさん@お腹いっぱい。 08/05/21 18:22:02 hDcJNaHG0 http://secunia.com/secunia_research/2008-18/advisory/ 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when parsing format strings containing a floating point specifier in the "util.printf()" JavaScript function. This can be exploited to cause a stack-based buffer overflow via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code. ====================================================================== 5) Solution The vulnerability is fixed in upcoming version 2.3 build 2912. ====================================================================== 6) Time Table 23/04/2008 - Vendor notified. 08/05/2008 - Vendor notified again. 08/05/2008 - Vendor response. 20/05/2008 - Public disclosure.
次ページ
最新レス表示
スレッドの検索
類似スレ一覧
話題のニュース
おまかせリスト
▼オプションを表示
レスジャンプ
mixiチェック!
Twitterに投稿
オプション
しおりを挟む
スレッドに書込
スレッドの一覧
暇つぶし2ch
5363日前に更新/94 KB
担当:undef