Описание
Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (включая)
Одно из
cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:2.0:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:2.2:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:2.3:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.0:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.1:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.2:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00734
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
больше 3 лет назад
Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.
EPSS
Процентиль: 72%
0.00734
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-189