Last Updated: 2013-01-11 14:44:08 UTC
by Stephen Hall (Version: 1)
Well, hot on the heals of Microsoft Patch Tuesday as we now know comes Adobe Patch Tuesday.
This covers a huge number of CVE's (27 if you need to know) and most of which "could" lead to code execution using a variety of techniques including use-after-free, integer, heap and stack over flows.
However, as we know "other PDF readers are available" and Foxit is quiet often what security minded people have installed. However there is also announced this week an as yet un-patched vulnerability discovered by Andrea Micalizzii in Foxit Reader 5.x, and Foxit Reader 2.x Plugin for which the exploit code is publicly available. This has reportedly been tested against version Foxit Reader 22.214.171.1248 which is what is available for download as of today.