Описание
Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with (1) a malformed ExtGState resource containing a /Font resource, or (2) an XObject resource with a Rotate setting, which triggers memory corruption. NOTE: this is probably a different vulnerability than CVE-2007-2186.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:foxit_software:reader:2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02765
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Foxit Reader 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with (1) a malformed ExtGState resource containing a /Font resource, or (2) an XObject resource with a Rotate setting, which triggers memory corruption. NOTE: this is probably a different vulnerability than CVE-2007-2186.
EPSS
Процентиль: 86%
0.02765
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20