Intrusion Prevention

Foxit.PDF.Authorization.bypass

Description

This indicates an attack attempt against an authorization-bypass vulnerability in Foxit PDF reader.
The vulnerability is caused by an error when the vulnerable software handles a crafted .pdf file. It allows a remote attacker to execute arbitrary programs via sending a crafted .pdf file.

Affected Products

Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301

Impact

Security Bypass

Recommended Actions

Apply the patch available at the follolwing web site:
http://www.foxitsoftware.com/pdf/reader/security.htm

CVE References

CVE-2009-0836