Are there any available workarounds that would mitigate the threat? I suppose I could just upload all my PDFs to Google Docs in the meantime, but I'm looking for something that I could use while offline...<br><br>--Rohit Patnaik<br>
<br><div class="gmail_quote">On Tue, Oct 13, 2009 at 7:35 PM, mrx <span dir="ltr"><<a href="mailto:mrx@propergander.org.uk">mrx@propergander.org.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
<br>
</div>No, I installed latest updates prior to testing.<br>
They should be aware of this however considering what appear to be<br>
striking similarities in the code base between Foxit and Adobe<br>
readers, at least as far as shared bugs go.<br>
If not they will be aware of this after they read the email I sent them.<br>
<br>
MrX<br>
<div class="im"><br>
Rohit Patnaik wrote:<br>
> Has Foxit released an update for this?<br>
><br>
> --Rohit Patnaik<br>
><br>
> On Tue, Oct 13, 2009 at 6:40 PM, mrx <<a href="mailto:mrx@propergander.org.uk">mrx@propergander.org.uk</a>> wrote:<br>
><br>
><br>
</div><div><div></div><div class="h5">> It would appear that Foxit reader version 3.1.1.0928 is also<br>
> vulnerable to this memory corruption flaw.<br>
> Foxit reader was also vulnerable to the JPEG2000/JBIG2 decoder bug.<br>
><br>
> Makes me wonder how much code is common to both Adobes and Foxits PDF<br>
> readers<br>
><br>
> MrX<br>
><br>
><br>
> Berend-Jan Wever wrote:<br>
> >>> Adobe bulletin:<br>
> >>> <a href="http://www.adobe.com/support/security/bulletins/apsb09-15.html" target="_blank">http://www.adobe.com/support/security/bulletins/apsb09-15.html</a><br>
> >>><br>
> >>> Short description and repro case:<br>
> >>><br>
> <a href="http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/" target="_blank">http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/</a><br>
> >>> Cheers,<br>
> >>><br>
> >>> SkyLined<br>
> >>> <<br>
> <a href="http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/" target="_blank">http://skypher.com/index.php/2009/10/13/memory-corruption-when-loadingunloading-adobe-objects-through-embed-tag-in-firefox/</a><br>
> >>> Berend-Jan Wever <<a href="mailto:berendjanwever@gmail.com">berendjanwever@gmail.com</a>><br>
> >>> <a href="http://skypher.com/SkyLined" target="_blank">http://skypher.com/SkyLined</a><br>
> >>><br>
> >>><br>
> >>><br>
> ----------------------------------------------------------------------<br>
> >>><br>
> >>> _______________________________________________<br>
> >>> Full-Disclosure - We believe in it.<br>
> >>> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
> >>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
>><br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
>><br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.2 (MingW32)<br>
Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org/" target="_blank">http://enigmail.mozdev.org/</a><br>
<br>
</div></div>iQEVAwUBStUc0LIvn8UFHWSmAQIITggAxL/oV6LGNuqfXj59xbV3fLAdh/6aeE7I<br>
hna0TysRDSi/bN+lE/JLyh+F8WDdr/uNb4Kzc+mTEd5vVqTp2Qlw5ctkQu9AcCxn<br>
Gk9khwhgRkxYfE/DF9RsFluRMacEaYMUNuectMz+ViCiLhYiLSBrcN9N6khSBIHZ<br>
o8ttvZBlt9ovlIu08dmuexcIVpIax8SHJj+lPWtuuRYNw/PB02hu3Pnm839nP0cD<br>
o8ZQPXkG7zvVgBVdMoVCGLWkMgw1T9P73+32TqTC7aAuY9mwRWhG3o2LZo+/Iicl<br>
Z/uIBT74SWzWZOdhzwdQdlXpmKXad1A8W7XxqfFLhea6WYmbj/MzHg==<br>
=bPXc<br>
<div><div></div><div class="h5">-----END PGP SIGNATURE-----<br>
<br>
_______________________________________________<br>
Full-Disclosure - We believe in it.<br>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br>
</div></div></blockquote></div><br>