CVE-2009-0690
https://notcve.org/view.php?id=CVE-2009-0690
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. El complemento Foxit JPEG2000/JBIG2 Decoder antes de v2.0.2009.616 para Foxit Reader 3.0 antes de Build1817 no gestiona correctamente un valor negativo para la posición del octeto del stream en un flujo JPEG2000 (alias JPX), lo que permite a atacantes remotos provocar una denegación de servicio (mediante corrupción memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de un archivo PDF modificado que provoca una lectura fuera de límite. • http://secunia.com/advisories/35512 http://securitytracker.com/id?1022425 http://www.foxitsoftware.com/pdf/reader/security.htm#0602 http://www.kb.cert.org/vuls/id/251793 http://www.securityfocus.com/bid/35442 http://www.vupen.com/english/advisories/2009/1640 • CWE-189: Numeric Errors •
CVE-2009-0691
https://notcve.org/view.php?id=CVE-2009-0691
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 (aka JPX) header, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an invalid memory access. El complemento Foxit JPEG2000/JBIG2 Decoder antes de v2.0.2009.616 para Foxit Reader 3.0 antes de Build1817 no gestiona correctamente un error fatal durante la decodificación de una cabecera JPEG2000 (alias JPX), lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de un archivo PDF modificado que provoca un acceso a memoria no válida. • http://secunia.com/advisories/35512 http://securitytracker.com/id?1022425 http://www.foxitsoftware.com/pdf/reader/security.htm#0602 http://www.kb.cert.org/vuls/id/251793 http://www.securityfocus.com/bid/35443 http://www.vupen.com/english/advisories/2009/1640 • CWE-399: Resource Management Errors •
CVE-2009-0836
https://notcve.org/view.php?id=CVE-2009-0836
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. Foxit Reader v2.3 anterior a Build 3902 y v3.0 anterior a Build 1506, incluidas la 1120 y 1301, no requiere la confirmación del usuario antes de realizar acciones peligrosas en un fichero PDF, lo que permite a atacantes remotos ejecutar programas de manera arbitraria y pudiendo producir un impacto sin especificar a través de un fichero manipulado, como se ha demostrado en la acción "Abrir/Ejecutar fichero". • http://blog.zoller.lu/2009/03/remote-code-execution-in-pdf-still.html http://lists.immunitysec.com/pipermail/dailydave/2010-April/006079.html http://secunia.com/advisories/34036 http://www.coresecurity.com/content/foxit-reader-vulnerabilities http://www.foxitsoftware.com/pdf/reader/security.htm#bypass http://www.securityfocus.com/archive/1/501623/100/0/threaded http://www.securityfocus.com/bid/34035 http://www.securitytracker.com/id?1021824 http://www.vupen.com/english/advisories/2009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-0191
https://notcve.org/view.php?id=CVE-2009-0191
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. Foxit Reader v2.3 anterior a Build 3902 y v3.0 anterior a Build 1506, ademas de v3.0.2009.1301, no maneja adecuadamente un segmento del símbolo JBIG2 del diccionario sin nuevos símbolos, lo que permite atacantes remotos ejecutar código arbitrariamente a través de un fichero PDF manipulado que inicia una desreferencia y una localización de memoria no inicializada. • http://secunia.com/advisories/34036 http://secunia.com/secunia_research/2009-11 http://www.foxitsoftware.com/pdf/reader/security.htm#Processing http://www.securityfocus.com/archive/1/501590/100/0/threaded http://www.securityfocus.com/bid/34035 http://www.securitytracker.com/id?1021822 http://www.vupen.com/english/advisories/2009/0634 https://exchange.xforce.ibmcloud.com/vulnerabilities/49135 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2008-1104
https://notcve.org/view.php?id=CVE-2008-1104
Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. Desbordamiento de búfer basado en Pila en Foxit Reader versiones anteriores a la 2.3 build 2912 permite a atacantes remotos asistidos por el usuario ejecutar código arbitrariamente a través de ficheros PDF manipulados, relacionado con la función JavaScript util.printf y los especificadores de punto flotante en las cadenas de formato. • http://secunia.com/advisories/29941 http://secunia.com/secunia_research/2008-18/advisory http://securityreason.com/securityalert/3899 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801 http://www.kb.cert.org/vuls/id/119747 http://www.securityfocus.com/archive/1/492289/100/0/threaded http://www.securityfocus.com/bid/29288 http://www.securitytracker.com/id?1020050 http://www.vupen.com/english/advisories/2008/1572 https://exchange.xforce.ibmcloud.com/vulnerabilities/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •