Vulnerability Description
Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer, allowing remote attackers to execute arbitrary code.
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://www.exploit-db.com/exploits/23944
- https://www.exploit-db.com/exploits/24502
- https://www.tenable.com/plugins/nessus/64094
- https://www.vulncheck.com/advisories/foxit-reader-plugin-url-processing-buffer-o
FAQ
What is CVE-2013-10068?
CVE-2013-10068 is a documented vulnerability. Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from...
How severe is CVE-2013-10068?
CVSS scoring is not yet available for CVE-2013-10068. Check NVD for updates.
Is there a patch for CVE-2013-10068?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.