This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Foxitsoftware First view 2009-06-23
Product jpeg2000/jbig2 Decoder Add-On Last view 2009-06-23
Version 2.0.2009.303 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:foxitsoftware:jpeg2000/jbig2_decoder_add-on

Activity : Overall

Related : CVE

  Date Alert Description
9.3 2009-06-23 CVE-2009-0690

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 (aka JPX) stream, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted PDF file that triggers an out-of-bounds read.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-189 Numeric Errors

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers

Open Source Vulnerability Database (OSVDB)

id Description
55618 Foxit Reader JPEG2000/JBIG Decoder Add-On JPX Stream Handling Memory Corruption

OpenVAS Exploits

id Description
2009-06-30 Name : Foxit Reader Multiple Denial of Service Vulnerabilities - Jun09
File : nvt/secpod_foxit_reader_mult_dos_vuln_jun09.nasl

Nessus® Vulnerability Scanner

id Description
2009-06-22 Name: A PDF viewer installed on the remote host is affected by multiple vulnerabili...
File: foxit_reader_jbig_2_0_2009_616.nasl - Type: ACT_GATHER_INFO