CVE-2009-0690
https://notcve.org/view.php?id=CVE-2009-0690
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. El complemento Foxit JPEG2000/JBIG2 Decoder antes de v2.0.2009.616 para Foxit Reader 3.0 antes de Build1817 no gestiona correctamente un valor negativo para la posición del octeto del stream en un flujo JPEG2000 (alias JPX), lo que permite a atacantes remotos provocar una denegación de servicio (mediante corrupción memoria y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de un archivo PDF modificado que provoca una lectura fuera de límite. • http://secunia.com/advisories/35512 http://securitytracker.com/id?1022425 http://www.foxitsoftware.com/pdf/reader/security.htm#0602 http://www.kb.cert.org/vuls/id/251793 http://www.securityfocus.com/bid/35442 http://www.vupen.com/english/advisories/2009/1640 • CWE-189: Numeric Errors •
CVE-2009-0191
https://notcve.org/view.php?id=CVE-2009-0191
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location. Foxit Reader v2.3 anterior a Build 3902 y v3.0 anterior a Build 1506, ademas de v3.0.2009.1301, no maneja adecuadamente un segmento del símbolo JBIG2 del diccionario sin nuevos símbolos, lo que permite atacantes remotos ejecutar código arbitrariamente a través de un fichero PDF manipulado que inicia una desreferencia y una localización de memoria no inicializada. • http://secunia.com/advisories/34036 http://secunia.com/secunia_research/2009-11 http://www.foxitsoftware.com/pdf/reader/security.htm#Processing http://www.securityfocus.com/archive/1/501590/100/0/threaded http://www.securityfocus.com/bid/34035 http://www.securitytracker.com/id?1021822 http://www.vupen.com/english/advisories/2009/0634 https://exchange.xforce.ibmcloud.com/vulnerabilities/49135 • CWE-94: Improper Control of Generation of Code ('Code Injection') •