Foxit Reader 4.1.1 - Stack Overflow

Author: dookie
type: dos
platform: windows
port: 
date_added: 2010-11-13  
date_updated: 2017-06-15  
verified: 1  
codes: OSVDB-68648  
tags:   
aliases: foxit_411_poc.pdf  
screenshot_url: http://www.exploit-db.com/screenshots/idlt16000/screen-shot-2010-11-13-at-65610-am.png  
application_url: http://www.exploit-db.comFoxitReader411_enu_Setup.exe  

raw file: 15514.txt  

Foxit Reader 4.1.1 is subject to a stack overflow vulnerability when parsing overly long unicode titles resulting in a SEH overwrite.
The included PoC results in a SEH overwrite. The exception must be passed twice in order to reach the overwritten handler.
This vulnerability was reported to the vendor and was patched in Foxit Reader 4.2.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/15514.pdf (foxit_411_poc.pdf)