Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Foxit Reader Plugin for Mozilla 2.2.3.111 blocked while blocklist.xml tops out at maxVersion="2.2.1.530"

  • 2 replies
  • 61 have this problem
  • 2 views
  • Last reply by keith20mm

more options

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin"

I look into the blocklist.xml file and find the plugin item:

     <pluginItem  blockID="p250">
                 <match name="filename" exp="npFoxitReaderPlugin\.dll" />                      <versionRange  minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange>
                 </pluginItem>


Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled.

My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page?

My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?"

I force-reinitialized the blocklist.xml file and database.

Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true.

Thanks.

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin" I look into the blocklist.xml file and find the plugin item: <pluginItem blockID="p250"> <match name="filename" exp="npFoxitReaderPlugin\.dll" /> <versionRange minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange> </pluginItem> Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled. My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page? My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?" I force-reinitialized the blocklist.xml file and database. Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true. Thanks.

All Replies (2)

more options

See:

  • bug 828982 - Plugin block request: Foxit Reader Plugin 2.2.1.530 and below due to critical vulnerability

(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

more options

Hi cor-el,

I did see the bug report, that relates to 2.2.1.530 AND BELOW.

The current installed plugin is 2.2.3.111, which is ABOVE 2.2.1.530, hence the blocklist should not apply, since its setting "maxVersion", apparently the maximum version to which the block list should apply, is 2.2.1.530.

Thank your for looking into this, though.

Possibly I do not understand the maxVersion property in the .xml?