CVE Catalog

CVE-2013-10068

Critical
Published: Translated: NVD NIST

Summary

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. Loading a PDF file from a remote host with an overly long query string in the URL can overflow a buffer, allowing remote attackers to execute arbitrary code.

Risk Assessment

This vulnerability poses a serious risk to organizations as it allows remote attackers to execute arbitrary code on user systems. This could lead to data loss, system takeover, or the spread of malware.

Recommendation

It is recommended to update Foxit Reader to the latest version to mitigate this vulnerability. Additionally, avoid opening PDF files from unknown sources.

Original NVD description (English source)

Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer, allowing remote attackers to execute arbitrary code.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS