CVSS: 9.3EPSS: 5%CPEs: 3EXPL: 0CVE-2009-0690
https://notcve.org/view.php?id=CVE-2009-0690
23 Jun 2009 — The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. El complemento Foxit JPEG2000/JBIG2 Decoder antes de v2.0.2009.616 para Foxit Reader 3.0 antes de Build1817 no gestiona c... • http://secunia.com/advisories/35512 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 7%CPEs: 3EXPL: 0CVE-2009-0191
https://notcve.org/view.php?id=CVE-2009-0191
10 Mar 2009 — Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. Foxit Reader v2.3 anterior a Build 3902 y v3.0 anterior a Build 1506, ademas de v3.0.2009.1301, no maneja adecuadamente un segmento del símbolo JBIG2 del diccionario sin nuevos símbolos, lo que permi... • http://secunia.com/advisories/34036 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 25%CPEs: 3EXPL: 0CVE-2008-1104
https://notcve.org/view.php?id=CVE-2008-1104
21 May 2008 — Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. Desbordamiento de búfer basado en Pila en Foxit Reader versiones anteriores a la 2.3 build 2912 permite a atacantes remotos asistidos por el usuario ejecutar código arbitrariamente a través de ficheros PDF manipulados, relacionado con la función JavaScript util.... • http://secunia.com/advisories/29941 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •