JBIG2 Processing Buffer Overflow Vulnerability

The PDF-XChange Viewer for End Users
+++ FREE +++

Moderators: PDF-XChange Support, Daniel - PDF-XChange, Chris - PDF-XChange, Sean - PDF-XChange, Paul - PDF-XChange, Vasyl - PDF-XChange, Ivan - Tracker Software, Stefan - PDF-XChange

powerquest
User
Posts: 14
Joined: Mon Jul 07, 2008 7:29 am

JBIG2 Processing Buffer Overflow Vulnerability

Post by powerquest »

I read about the following JBIG2 Processing Buffer Overflow Vulnerability of the Adobe Acrobat Reader, Foxit Reader and Ghostscript.

http://secunia.com/advisories/33901/
http://secunia.com/advisories/34036/
http://secunia.com/advisories/34292/

As satisfied user of PDF-XChange Pro (incl. Viewer) I would like to know how far you have checked your software in this regard? Can you confirm, that you software is not exposed to this security issue?

Thanks in advance.
Top
User avatar
Ivan - Tracker Software
Site Admin
Posts: 3603
Joined: Thu Jul 08, 2004 10:36 pm

Re: JBIG2 Processing Buffer Overflow Vulnerability

Post by Ivan - Tracker Software »

We have checked all available "sample" PDFs in regard this vulnerability and none of them can crash the PDF-XChange viewer and take advantage of the reported issues in the way they can with the Adobe Reader.

However - If you have any of such PDFs, please send them us and we will check asap. The secunia web site has only a general description and not actual PDFs.

We are confident however that since we are using our own JBIG codecs and do not rely on any 3rd party technology - it is extremley unlikey we can be affected in any similar manner.

HTH
PDF-XChange Co Ltd. (Project Director)

When attaching files to any message - please ensure they are archived and posted as a .ZIP, .RAR or .7z format - or they will not be posted - thanks.
Top

Return to “PDF-XChange Viewer (End Users)”