[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-0332

Date: (C)2011-02-25   (M)2016-11-15
 
CVSS Score: 9.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.

Reference:
SECTRACK-1025129
SECUNIA-43329
SECUNIA-43440
ADV-2011-0508
http://secunia.com/secunia_research/2011-14/
http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#memory

CPE    5
cpe:/a:foxitsoftware:foxit_reader:4.3
cpe:/a:foxitsoftware:foxit_reader:2.0
cpe:/a:foxitsoftware:foxit_reader:3.0
cpe:/a:foxitsoftware:foxit_reader:4.0
...
CWE    1
CWE-189
OVAL    1
oval:org.secpod.oval:def:466

© 2013 SecPod Technologies