Feeds

back to article Foxit outfoxes fiendish flaw to fix foxed-up Firefox PDF plugin

Foxit Software has fixed a critical security hole in its PDF plugin for web browsers. A bug in the code allowed overly long URLs in web links to crash the utility - billed as a "better" alternative to Adobe's software - or potentially inject malicious code into vulnerable Windows systems. The stack-based buffer overflow flaw is …

COMMENTS

This topic is closed for new posts.
Silver badge

Do you just love alliteration

Fiesty Foxit Finally Fixes a Few Fleeting Foibles. Phew.....

3
1
Silver badge

FFFFF.....

Ah bollocks, to hard to alliterate.

Slightly quicker than Adobe - and they patch bugs faster too :)

3
0
Silver badge
Happy

Re: FFFFF.....

That's why they got a buffer overflow. 16 bit will only get you FFFF

2
0
Silver badge
Meh

Might as well just use pdf.js

One less attack surface...

2
0
Silver badge

Re: Might as well just use pdf.js

Gave it a try and it worked, and far faster than I'd thought possible. Amazing.

Thanks for the tip.

1
0
Anonymous Coward

useful

This flap lead me to discover Sumatra PDF reader, which seems a great deal smaller, faster and less spammy than Foxit, so it was actually a useful exercise :)

5
0
Bronze badge
Coat

Re: useful

Yep, Suddenly you See Sumatra Sucks less ;)

(Ok, have to work on my alliteration skills. Unfortunately, that task will just have to join the queue ;) )

More seriously: yep, love Sumatra. Can't understand why it's not more popular among the Reg crowd.

0
0
Bronze badge

Re: useful

Possibly Reg-ers are appalled by the default acid yellow background of Sumatra PDF?

Fix it by adding bg-color to the shortcut, as in

"C:\Program Files\SumatraPDF\SumatraPDF.exe" -bg-color 0xF2F8FD

(a delicate pale blue in RGB).

4
0
Go

Re: useful

Got me switched to PDF-XChange. Faster load than Foxit, fills out forms. Farewell Foxit!

1
0
Thumb Up

Re: useful

Tried Sumatra when Foxit kinda went tits up for a bit and needed a .pdf reader (never, ever going to do Abobe again for that). What I thought neat about Sumatra was that it was also an ebook reader. Still, Foxit (when working) seems to integrate a bit better and Calibre is my ebook reader. Nonetheless, was quite impressed with Sumatra.

0
0
Thumb Up

Foxit

I use Foxit but the real point is that diversity is key. if PDF is supposed to be a standard we shouldn't have a monoculture of one single PDF reader. Inevitably it will get bought by a careless profit driven monolith like Adobe and Microsoft who will use it as a platform to start churning out shit.

6
0
Silver badge

I had almost expected

Firefox to feature in the fantastically fanciful headline

1
0
(Written by Reg staff) Silver badge

Re: I had almost expected

Good point; forgot that Firefox was the browser the bug was tested against.

C.

1
0
Silver badge

Re: I had almost expected

I see the Firefox headline flaw has fortuitously been fixed

0
0

This post has been deleted by a moderator

Silver badge

Re: Installer attempts to load ASK crapware

Use the Ninite installer instead, and keep it on your computer.

Each time you run it, it will install the latest version, and prevent installation of any toolbars. No browsing to find the latest file or anything.

Simples.

4
0
Silver badge
Linux

Re: Installer attempts to load ASK crapware

I had forgotten how tedious it is to install Windows and how you need use or buy third party applications to do anything useful.

Yes Ninite is good but I'm not trolling this time, I'm serious.

I gave up Windows after I spent more time maintaining it in working order than actually using it.

1
1
Thumb Up

Re: Installer attempts to load ASK crapware

Use the Ninite installer instead

Wow, cheers for that, certainly saves on the crapware getting thru.

0
0

Re: Installer attempts to load ASK crapware

You realise GNU/Linux is entirely made up of 3rd party application right ?

0
2
Bronze badge
Linux

Re: You realise GNU/Linux ...

I don't install GNU or Linux, I install a distribution that combines those with a whole bunch of other useful stuff in the initial installation, and a huge selection of optional extras via the integrated application manager. Debian or whoever don't write all that stuff, but they do integrate it into a useful package that's all available from a single source.

2
0
Bronze badge
Devil

What a complete and utter fox up...

0
2
Bronze badge

Be honest

You are only reporting on this so you can play with headlines, aren't you?

0
0
FAIL

Sadly their download page is so overloaded it wont even load what ever stupid JavaScript they are using instead of a real link...

0
0
Coat

Alliteration

Admirable allieration achieves accolades.

Adios. Mine's the one with the OED in the pocket.

0
0
This topic is closed for new posts.