Foxit Reader JPEG2000头解码内存破坏漏洞

Bugraq ID: 35443
CVE-2009-0691
CNCVE-20090691

Foxit Reader是一款设计用于PDF文件的应用程序。
Foxit Reader处理JPX (JPEG2000)流存在问题，远程攻击者可以利用漏洞以应用程序权限执行任意指令。
Foxit Reader默认不能解码JPEG2000数据，安装了JPEG2000 / JBIG Decoder add-on的Foxit Reader受此漏洞影响。

通过诱使用户打开恶意DPF文件，攻击者可执行任意代码或使PDF查看器崩溃。

安全建议:升级程序：
Foxit Foxit Reader 2.3 build 2825
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 2.3
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 2.3 Build 3902
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 2.3 build 2923
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 2.2
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 3.0 Build 1506
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 3.0
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip
Foxit Foxit Reader 3.0.2009 1301
Foxit ImageDecoder_2.0.2009.616.fzip
http://mirrors.foxitsoftware.com/pub/foxit/reader/desktop/win/addon/Im ageDecoder_2.0.2009.616.fzip

姓　名：	*姓名最长为50字节

网址或邮箱：	(选填)

内　容：

验证码：	请点击后输入四位验证码，字母不区分大小写看不清?
	取消回复