Foxit outfoxes fiendish flaw to fix foxed-up Firefox PDF plugin
Buffer-boundary bashing bug blatted
Foxit Software has fixed a critical security hole in its PDF plugin for web browsers.
A bug in the code allowed overly long URLs in web links to crash the utility - billed as a "better" alternative to Adobe's software - or potentially inject malicious code into vulnerable Windows systems. The stack-based buffer overflow flaw  is present in versions 5.4.4 and earlier of the software.
Users of the PDF-viewing plugin are advised to update to version 5.4.5 as explained in an advisory by Foxit . The company credits Danish security notification firm Secunia and Core Security Technologies for finding and confirming the issue in the Firefox build of the software, respectively. ®