Summary
Detail | |||
---|---|---|---|
Vendor | Foxitsoftware | First view | 2009-06-23 |
Product | jpeg2000/jbig2 Decoder Add-On | Last view | 2009-06-23 |
Version | 2.0.2009.303 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:foxitsoftware:jpeg2000/jbig2_decoder_add-on |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.3 | 2009-06-23 | CVE-2009-0690 | The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-189 | Numeric Errors |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-42 | MIME Conversion |
CAPEC-44 | Overflow Binary Resource File |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-100 | Overflow Buffers |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
55618 | Foxit Reader JPEG2000/JBIG Decoder Add-On JPX Stream Handling Memory Corruption |
OpenVAS Exploits
id | Description |
---|---|
2009-06-30 | Name : Foxit Reader Multiple Denial of Service Vulnerabilities - Jun09 File : nvt/secpod_foxit_reader_mult_dos_vuln_jun09.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2009-06-22 | Name: A PDF viewer installed on the remote host is affected by multiple vulnerabili... File: foxit_reader_jbig_2_0_2009_616.nasl - Type: ACT_GATHER_INFO |