Foxitsoftware Foxit Reader 2.3

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.

Published: 2012-08-23T15:00:00.000Z
Updated: 2024-09-16T19:56:39.365Z

Untrusted search path vulnerability in Foxit Reader before 5.0.2.0718 allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory.

Published: 2011-09-27T19:00:00.000Z
Updated: 2024-09-16T16:43:37.256Z

Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.

Published: 2011-06-24T20:00:00.000Z
Updated: 2024-08-06T22:46:00.196Z

Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.

Published: 2011-02-25T18:00:00.000Z
Updated: 2024-08-06T21:51:07.762Z

Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836.

Published: 2010-04-05T15:15:00.000Z
Updated: 2024-09-16T17:22:42.306Z

Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location.

Published: 2009-03-10T20:00:00.000Z
Updated: 2024-08-07T04:24:18.254Z