Avatar for Username

Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Learn More

Dieses Thema wurde archiviert. Bitte stellen Sie eine neue Frage, wenn Sie Hilfe benötigen.

Foxit Reader Plugin for Mozilla 2.2.3.111 blocked while blocklist.xml tops out at maxVersion="2.2.1.530"

  • 2 Antworten
  • 61 haben dieses Problem
  • 3 Aufrufe
  • Letzte Antwort von keith20mm

keith20mm
keith20mm
more options

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin"

I look into the blocklist.xml file and find the plugin item: 

     <pluginItem  blockID="p250">
                 <match name="filename" exp="npFoxitReaderPlugin\.dll" />                      <versionRange  minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange>
                 </pluginItem>


Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled.

My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page?

My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?"

I force-reinitialized the blocklist.xml file and database.

Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true.

Thanks.

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin" I look into the blocklist.xml file and find the plugin item: <pluginItem blockID="p250"> <match name="filename" exp="npFoxitReaderPlugin\.dll" /> <versionRange minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange> </pluginItem> Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled. My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page? My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?" I force-reinitialized the blocklist.xml file and database. Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true. Thanks.

Alle Antworten (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

See:

  • bug 828982 - Plugin block request: Foxit Reader Plugin 2.2.1.530 and below due to critical vulnerability

(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

keith20mm
keith20mm Fragesteller
more options

Hi cor-el,

I did see the bug report, that relates to 2.2.1.530 AND BELOW.

The current installed plugin is 2.2.3.111, which is ABOVE 2.2.1.530, hence the blocklist should not apply, since its setting "maxVersion", apparently the maximum version to which the block list should apply, is 2.2.1.530.

Thank your for looking into this, though.

Possibly I do not understand the maxVersion property in the .xml?