CVE-2008-1104

https://notcve.org/view.php?id=CVE-2008-1104

Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. Desbordamiento de búfer basado en Pila en Foxit Reader versiones anteriores a la 2.3 build 2912 permite a atacantes remotos asistidos por el usuario ejecutar código arbitrariamente a través de ficheros PDF manipulados, relacionado con la función JavaScript util.printf y los especificadores de punto flotante en las cadenas de formato. • http://secunia.com/advisories/29941 http://secunia.com/secunia_research/2008-18/advisory http://securityreason.com/securityalert/3899 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801 http://www.kb.cert.org/vuls/id/119747 http://www.securityfocus.com/archive/1/492289/100/0/threaded http://www.securityfocus.com/bid/29288 http://www.securitytracker.com/id?1020050 http://www.vupen.com/english/advisories/2008/1572 https://exchange.xforce.ibmcloud.com/vulnerabilities/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •