OS/Platform/Application:

Foxit Reader (when used as a plugin for Firefox)

Category: ALERT
Severity: HIGH
Attention: Foxit users, System Administrators, Desktop Support Personnel.

Summary: Foxit reader is a popular freeware alternative to more common Portable Document Format (PDF) readers such as Adobe Reader, etc.  Internet security resources are reporting the existence of a vulnerability in the Foxit reader plugin for Mozilla Firefox that could (if successfully exploited) result in takeover of a vulnerable computer.  The most likely mechanism of exploit would be the viewing of a maliciously-crafted web page.  At the time of this writing (7:40 AM 10/15/09) there is no patch available from the vendor to address this vulnerability.

Recommended Actions: Please note that this vulnerability only pertains to systems that are running the Foxit Reader plugin for Mozilla Firefox.  Disabling the plugin will stop the mechanism of infection.  To determine if your browser is running the plugin/disable the plugin follow these steps:

-In the Firefox browser toolbar go to Tools>Add ons.
-click the "Plugins" button at the top of the Add ons window.
-Look for "Foxit Reader Plugin for Mozilla"
-If this plugin is present on the computer, click the "Disable" button.

Readers are encouraged to share this alert with family, friends, and associates.

ITS Actions: N/A

Resources:

Secunia Advisory:
http://secunia.com/advisories/37049/